```toml
[advisory]
id = "RUSTSEC-2021-0114"
package = "nanorand"
date = "2021-09-23"
url = "https://github.com/Absolucy/nanorand-rs/issues/28"
keywords = ["memory-safety", "aliasing"]
aliases = ["CVE-2021-45705", "GHSA-p6gj-gpc8-f8xw", "GHSA-r57r-j98g-587f"]

[versions]
patched = [">= 0.6.1"]
unaffected = ["< 0.5.0"]

[affected]
functions = { "nanorand::tls::tls_rand" = [">= 0.5.0", "<= 0.6.0"] }
```

# Aliased mutable references from `tls_rand` & `TlsWyRand`

`TlsWyRand`'s implementation of `Deref` unconditionally dereferences a raw pointer, and returns 
multiple mutable references to the same object, which is undefined behavior.