CVE-2021-26308
The CVE concerns the marc crate for Rust, affecting versions before 2.0.0. Affected code path is within the user-provided Read implementation (Record::read()), which could expose the old contents of newly allocated memory due to an uninitialized buffer being exposed to callers. This memory exposu...