Vulnerabilities > CVE-2020-36210 - Use of Uninitialized Resource vulnerability in Autorand Project Autorand

047910
CVSS 4.6 - MEDIUM
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
local
low complexity
autorand-project
CWE-908

Summary

An issue was discovered in the autorand crate before 0.2.3 for Rust. Because of impl Random on arrays, uninitialized memory can be dropped when a panic occurs, leading to memory corruption.

Common Weakness Enumeration (CWE)