6 matches found
garbo (>=0.1.0 <=0.2.0) potentially affected by CVE-2020-36450 via bunch (=0.1.0)
bunch CARGO version =0.1.0 is affected by a known vulnerability. The following packages have a transitive dependency on bunch and may be impacted: - garbo =0.1.0, =0.2.0 Source cves: CVE-2020-36450 Source advisory: OSV:GHSA-JWPH-QP5H-F9WJ...
CVE-2020-36450
creationtimestamp| type| source ---|---|--- 2021-08-08 12:35:38+00:00| seen| https://t.me/cibsecurity/26978...
CVE-2020-36450
An issue was discovered in the bunch crate through 2020-11-12 for Rust. There are unconditional implementations of Send and Sync for Bunch...
CVE-2020-36450
An issue was discovered in the bunch crate through 2020-11-12 for Rust. There are unconditional implementations of Send and Sync for Bunch...
CVE-2020-36450
The CVE-2020-36450 issue affects the Rust crate payload “bunch” (through 2020-11-12) where Bunch unconditionally implements Send and Sync. This design allows inserting T values that are not Send/Sync (e.g., T: !Send, T: !Sync) and using Bunch across threads (for example via Bunch::get() returning...
garbo (>=0.1.0 <=0.2.0) potentially affected by CVE-2020-36450 via bunch (=0.1.0)
bunch CARGO version =0.1.0 is affected by a known vulnerability. The following packages have a transitive dependency on bunch and may be impacted: - garbo =0.1.0, =0.2.0 Source cves: CVE-2020-36450 Source advisory: OSV:RUSTSEC-2020-0130...