174 matches found
SUSE CVE-2020-15254
Crossbeam is a set of tools for concurrent programming. In crossbeam-channel before version 0.4.4, the bounded channel incorrectly assumes that Vec::fromiter has allocated capacity that same as the number of iterator elements. Vec::fromiter does not actually guarantee that and may allocate extra...
SUSE CVE-2020-35904
An issue was discovered in the crossbeam-channel crate before 0.4.4 for Rust. It has incorrect expectations about the relationship between the memory allocation and how many iterator elements there are...
SUSE CVE-2021-32810
crossbeam-deque is a package of work-stealing deques for building task schedulers when programming in Rust. In versions prior to 0.7.4 and 0.8.0, the result of the race condition is that one or more tasks in the worker queue can be popped twice instead of other tasks that are forgotten and never...
SUSE CVE-2022-23639
crossbeam-utils provides atomics, synchronization primitives, scoped threads, and other utilities for concurrent programming in Rust. crossbeam-utils prior to version 0.8.7 incorrectly assumed that the alignment of i,u64 was always the same as AtomicI,U64. However, the alignment of i,u64 on a...
Amazon Linux 2 : thunderbird (ALAS-2022-1818)
The version of thunderbird installed on the remote host is prior to 91.6.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2022-1818 advisory. crossbeam-deque is a package of work-stealing deques for building task schedulers when programming in Rust. In versio...
a2 (>=0.2.0 <=0.3.6), abc (>=0.1.0 <=0.2.3) +521 more potentially affected by unknown CVE via crossbeam (>=0.1.6 <=0.6.0)
crossbeam CARGO version =0.1.6, =0.2.0, =0.1.0, =0.1.0, =0.0.1, =0.0.1, =0.2.0, =0.5.0, =0.1.0, =0.1.0, =0.2.0, =0.1.0, =0.1.0, =0.8.0 and more Source cves: unknown CVE Source advisory: OSV:GHSA-8GJ8-HV75-GP94...
a2 (>=0.5.0-alpha.6 <=0.5.0-alpha.7), abci-rs (=0.2.0) +425 more potentially affected by unknown CVE via crossbeam-queue (>=0.1.2 <=0.2.0)
crossbeam-queue CARGO version =0.1.2, =0.5.0-alpha.6, =0.0.2, =0.0.1, =0.1.0-alpha.2, =0.1.5, =0.12.0, =0.5.0, =0.1.0, =0.3.0 - amethyst-navigation =0.1.0 and more Source cves: unknown CVE Source advisory: OSV:GHSA-6888-WF7J-34JQ...
a2 (>=0.3.6 <=0.5.0-alpha.7), abci-rs (=0.2.0) +950 more potentially affected by unknown CVE via crossbeam-channel (>=0.1.3 <=0.3.9)
crossbeam-channel CARGO version =0.1.3, =0.3.6, =0.4.0, =0.5.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.3.0, =0.1.0, =0.1.0, =0.1.0, =0.2.1 and more Source cves: unknown CVE Source advisory: OSV:GHSA-9G55-PG62-M8HH...
abc (>=0.1.0 <=0.2.3), aerospike (>=0.0.1 <=1.3.0) +323 more potentially affected by unknown CVE via crossbeam (>=0.1.6 <=0.2.12)
crossbeam CARGO version =0.1.6, =0.1.0, =0.0.1, =0.5.0, =0.1.0, =0.1.0, =0.1.0, =0.2.0, =0.2.0, =0.4.0, =0.4.0, =0.4.0, =0.0.6, =0.0.9 and more Source cves: unknown CVE Source advisory: OSV:GHSA-RWF4-GX62-RQFW...
abc (>=0.1.0 <=0.2.3), aerospike (>=0.0.1 <=1.3.0) +323 more potentially affected by unknown CVE via crossbeam (>=0.1.6 <=0.2.12)
crossbeam CARGO version =0.1.6, =0.1.0, =0.0.1, =0.5.0, =0.1.0, =0.1.0, =0.1.0, =0.2.0, =0.2.0, =0.4.0, =0.4.0, =0.4.0, =0.0.6, =0.0.9 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2022-0029...
a2 (>=0.3.6 <=0.5.0-alpha.7), abci-rs (=0.2.0) +950 more potentially affected by unknown CVE via crossbeam-channel (>=0.1.3 <=0.3.9)
crossbeam-channel CARGO version =0.1.3, =0.3.6, =0.4.0, =0.5.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.3.0, =0.1.0, =0.1.0, =0.1.0, =0.2.1 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2022-0019...
a2 (>=0.5.0-alpha.6 <=0.5.0-alpha.7), abci-rs (=0.2.0) +425 more potentially affected by unknown CVE via crossbeam-queue (>=0.1.2 <=0.2.0)
crossbeam-queue CARGO version =0.1.2, =0.5.0-alpha.6, =0.0.2, =0.0.1, =0.1.0-alpha.2, =0.1.5, =0.12.0, =0.5.0, =0.1.0, =0.3.0 - amethyst-navigation =0.1.0 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2022-0021...
a2 (>=0.2.0 <=0.3.6), abc (>=0.1.0 <=0.2.3) +521 more potentially affected by unknown CVE via crossbeam (>=0.1.6 <=0.6.0)
crossbeam CARGO version =0.1.6, =0.2.0, =0.1.0, =0.1.0, =0.0.1, =0.0.1, =0.2.0, =0.5.0, =0.1.0, =0.1.0, =0.2.0, =0.1.0, =0.1.0, =0.8.0 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2022-0020...
Denial Of Service (DoS)
crossbeam-utils is vulnerable to firefox:devel. It provides atomics, synchronization primitives, scoped threads, and other utilities for concurrent programming in Rust. crossbeam-utils incorrectly assumed that the alignment of i,u64 was always the same as AtomicI,U64. However, the alignment of...
ABC-ECS (>=0.1.4 <=0.2.1), ABC_Game_Engine (>=0.1.0 <=0.1.2) +29852 more potentially affected by CVE-2022-23639 via crossbeam-utils (>=0.1.0 <=0.8.21)
crossbeam-utils CARGO version =0.1.0, =0.1.4, =0.1.0, =0.1.2, =0.1.0, =0.1.0, =0.1.8, =0.1.0, =0.0.0, =0.1.2, =0.1.0, =0.0.8, =0.1.0, =1.0.1 - GuiNistRs =0.1.0 - HPGO =0.9.2 and more Source cves: CVE-2022-23639 Source advisory: OSV:GHSA-QC84-GQF4-9926...
crossbeam-utils Unsoundness of AtomicCell<{i,u}64> arithmetics on 32-bit targets that support Atomic{I,U}64
Impact The affected versions of this crate incorrectly assumed that the alignment of i,u64 was always the same as AtomicI,U64. However, the alignment of i,u64 on a 32-bit target can be smaller than AtomicI,U64. This can cause the following problems: - Unaligned memory accesses - Data race Crates...
GHSA-QC84-GQF4-9926 crossbeam-utils Unsoundness of AtomicCell<{i,u}64> arithmetics on 32-bit targets that support Atomic{I,U}64
Impact The affected versions of this crate incorrectly assumed that the alignment of i,u64 was always the same as AtomicI,U64. However, the alignment of i,u64 on a 32-bit target can be smaller than AtomicI,U64. This can cause the following problems: - Unaligned memory accesses - Data race Crates...
CVE-2022-23639
crossbeam-utils provides atomics, synchronization primitives, scoped threads, and other utilities for concurrent programming in Rust. crossbeam-utils prior to version 0.8.7 incorrectly assumed that the alignment of i,u64 was always the same as AtomicI,U64. However, the alignment of i,u64 on a...
DEBIAN-CVE-2022-23639
crossbeam-utils provides atomics, synchronization primitives, scoped threads, and other utilities for concurrent programming in Rust. crossbeam-utils prior to version 0.8.7 incorrectly assumed that the alignment of i,u64 was always the same as AtomicI,U64. However, the alignment of i,u64 on a...
AZL-44763 CVE-2022-23639 affecting package ripgrep 13.0.0-12
crossbeam-utils provides atomics, synchronization primitives, scoped threads, and other utilities for concurrent programming in Rust. crossbeam-utils prior to version 0.8.7 incorrectly assumed that the alignment of i,u64 was always the same as AtomicI,U64. However, the alignment of i,u64 on a...