An issue was discovered in the truetype crate before 0.30.1 for Rust. Attackers can read the contents of uninitialized memory locations via a user-provided Read operation within Tape::take_bytes.
| Package (Ecosystem) | Introduced | Fixed | Limit |
|---|---|---|---|
| truetype(crates.io) | 0 | 0.30.1 | N/A |
CVSS Metrics
