Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:RUSTSEC-2020-0130
HistoryNov 12, 2020 - 12:00 p.m.

Bunch<T> unconditionally implements Send/Sync

2020-11-1212:00:00
Google
osv.dev
3
bunch implementation
data races
memory corruption
send
sync
threads

EPSS

0.003

Percentile

69.3%

JSON

Affected versions of this crate unconditionally implements Send/Sync for Bunch&lt;T&gt;.
This allows users to insert T: !Sync to Bunch&lt;T&gt;. It is possible to create a data race to a T: !Sync by invoking the Bunch::get() API (which returns &T) from multiple threads. It is also possible to send T: !Send to other threads by inserting T inside Bunch&lt;T&gt; and sending Bunch&lt;T&gt; to another thread, allowing to create a data race by inserting types like T = Rc&lt;_&gt;.

Such data races can lead to memory corruption.

Related

cve 1
prion 1
cvelist 1
rustsec 1
github 1
osv 1
cnvd 1
nvd 1
cve
cve
CVE-2020-36450
2021-08-08 06:15:07
prion
prion
Design/Logic Flaw
2021-08-08 06:15:00
cvelist
cvelist
CVE-2020-36450
2021-08-08 05:15:34
rustsec
rustsec
Bunch<T> unconditionally implements Send/Sync
2020-11-12 12:00:00
github
github
Data races in bunch
2021-08-25 20:59:18
osv
osv
Data races in bunch
2021-08-25 20:59:18
cnvd
cnvd
Mozilla Rust Command Injection Vulnerability (CNVD-2021-78749)
2021-09-23 00:00:00
nvd
nvd
CVE-2020-36450
2021-08-08 06:15:07

EPSS

0.003

Percentile

69.3%

JSON
Related for OSV:RUSTSEC-2020-0130
cve1prion1cvelist1rustsec1github1osv1cnvd1nvd1