Vulnerabilities > CVE-2021-45705 - Unspecified vulnerability in Nanorand Project Nanorand

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

nanorand-project

critical

NVD

Published: 2021-12-27

Updated: 2022-01-06

Summary

An issue was discovered in the nanorand crate before 0.6.1 for Rust. There can be multiple mutable references to the same object because the TlsWyRand Deref implementation dereferences a raw pointer.

Vulnerable Configurations

Part	Description	Count
Application	Nanorand_Project Nanorand Project Nanorand 0.5.0 Nanorand Project Nanorand 0.5.1 Nanorand Project Nanorand 0.5.2 Nanorand Project Nanorand 0.6.0	4

References

https://rustsec.org/advisories/RUSTSEC-2021-0114.html
https://raw.githubusercontent.com/rustsec/advisory-db/main/crates/nanorand/RUSTSEC-2021-0114.md