An issue was discovered in the truetype crate before 0.30.1 for Rust. Attackers can read the contents of uninitialized memory locations via a user-provided Read operation within Tape::take_bytes.
{ "nvd_published_at": null, "github_reviewed_at": "2021-08-19T17:22:46Z", "severity": "HIGH", "github_reviewed": true, "cwe_ids": [ "CWE-908" ] }