CVE-2021-28033: Deserializing an array can free uninitialized memory in byte_struct

Severity: Critical

CVSS Score: 9.8

An issue was discovered in the byte_struct crate before 0.6.1 for Rust. There can be a drop of uninitialized memory if a certain deserialization method panics.