CVE-2020-35927

An issue was discovered in the thex crate through 2020-12-08 for Rust. Thex allows cross-thread data races of non-Send types...

CVE-2020-36511

An issue was discovered in the bite crate through 2020-12-31 for Rust. read::BiteReadExpandedExt::readframedmax may read from uninitialized memory locations...

CVE-2020-36437

An issue was discovered in the conqueue crate before 0.4.0 for Rust. There are unconditional implementations of Send and Sync for QueueSender...

CVE-2020-36448

An issue was discovered in the cache crate through 2020-11-24 for Rust. There are unconditional implementations of Send and Sync for Cache...

CVE-2020-36439

An issue was discovered in the ticketedlock crate before 0.3.0 for Rust. There are unconditional implementations of Send for ReadTicket and WriteTicket...

CVE-2020-36514

An issue was discovered in the accreader crate through 2020-12-27 for Rust. fillbuf may read from uninitialized memory locations...

CVE-2020-36442

An issue was discovered in the beef crate before 0.5.0 for Rust. beef::Cow has no Sync bound on its Send trait...

CVE-2020-36438

An issue was discovered in the tinyfuture crate before 0.4.0 for Rust. Future does not have bounds on its Send and Sync traits...

CVE-2020-36452

An issue was discovered in the array-tools crate before 0.3.2 for Rust. FixedCapacityDequeLike::clone has a drop of uninitialized memory...

CVE-2020-36443

An issue was discovered in the libp2p-deflate crate before 0.27.1 for Rust. An uninitialized buffer is passed to AsyncRead::pollread, which is a user-provided trait function...

CVE-2020-36447

An issue was discovered in the v9 crate through 2020-12-18 for Rust. There is an unconditional implementation of Sync for SyncRef...

CVE-2020-36206

An issue was discovered in the rusb crate before 0.7.0 for Rust. Because of a lack of Send and Sync bounds, a data race and memory corruption can occur...

CVE-2020-36208

An issue was discovered in the conquer-once crate before 0.3.2 for Rust. Thread crossing can occur for a non-Send but Sync type, leading to memory corruption...

CVE-2020-36205

An issue was discovered in the xcb crate through 2020-12-10 for Rust. base::Error does not have soundness. Because of the public ptr field, a use-after-free or double-free can occur...

CVE-2020-36215

An issue was discovered in the hashconsing crate before 1.1.0 for Rust. Because HConsed does not have bounds on its Send trait or Sync trait, memory corruption can occur...

CVE-2020-35892

An issue was discovered in the simple-slab crate before 0.3.3 for Rust. index allows an out-of-bounds read...

CVE-2020-35920

An issue was discovered in the socket2 crate before 0.3.16 for Rust. It has false expectations about the std::net::SocketAddr memory representation...

CVE-2020-35928

An issue was discovered in the concread crate before 0.2.6 for Rust. Attackers can cause an ARCache data race by sending types that do not implement Send/Sync...

CVE-2020-35913

An issue was discovered in the lockapi crate before 0.4.2 for Rust. A data race can occur because of RwLockReadGuard unsoundness...

CVE-2020-35922

An issue was discovered in the mio crate before 0.7.6 for Rust. It has false expectations about the std::net::SocketAddr memory representation...