5 matches found
CVE-2020-36439
An issue was discovered in the ticketedlock crate before 0.3.0 for Rust. There are unconditional implementations of Send for ReadTicket and WriteTicket...
amethyst (>=0.5.0 <=0.5.1), specs (>=0.8.0 <=0.8.1) potentially affected by CVE-2020-36439 via ticketed_lock (=0.1.0)
ticketedlock CARGO version =0.1.0 is affected by a known vulnerability. The following packages have a transitive dependency on ticketedlock and may be impacted: - amethyst =0.5.0, =0.8.0, =0.8.1 Source cves: CVE-2020-36439 Source advisory: OSV:GHSA-77M6-X95J-75R5...
CVE-2020-36439
creationtimestamp| type| source ---|---|--- 2021-08-08 12:35:50+00:00| seen| https://t.me/cibsecurity/26985...
CVE-2020-36439
The CVE-2020-36439 entry concerns the Rust crate ticketed_lock prior to 0.3.0, which unconditionally implemented Send for ReadTicket and WriteTicket. This allows sending non-Send T across threads, enabling data races with internal mutability and potentially memory corruption or undefined behavior...
amethyst (>=0.5.0 <=0.5.1), specs (>=0.8.0 <=0.8.1) potentially affected by CVE-2020-36439 via ticketed_lock (=0.1.0)
ticketedlock CARGO version =0.1.0 is affected by a known vulnerability. The following packages have a transitive dependency on ticketedlock and may be impacted: - amethyst =0.5.0, =0.8.0, =0.8.1 Source cves: CVE-2020-36439 Source advisory: OSV:RUSTSEC-2020-0119...