2 matches found
airust (=0.1.6), font (>=0.2.0 <=0.3.2) +6 more potentially affected by CVE-2021-26953 via postscript (>=0.10.1 <=0.11.1)
postscript CARGO version =0.10.1, =0.2.0, =0.0.2, =0.1.0, =0.15.0, =0.1.0, =0.6.3 - text =0.0.4 Source cves: CVE-2021-26953 Source advisory: OSV:GHSA-FHVC-GP6C-H2WX...
CVE-2021-26953
The CVE-2021-26953 issue affects the Rust crate postscript, prior to version 0.14.0. Affected functionality passes an uninitialized buffer to a user-provided Read implementation, allowing potential information disclosure from uninitialized memory. The underlying cause is exposing an uninitialized...