CVE-2020-36460

An issue was discovered in the model crate through 2020-11-10 for Rust. The Shared data structure has an implementation of the Send and Sync traits without regard for the inner type...

CVE-2020-36466

An issue was discovered in the cgc crate through 2020-12-10 for Rust. Ptr implements Send and Sync for all types...

CVE-2020-35872

An issue was discovered in the rusqlite crate before 0.23.0 for Rust. Memory safety can be violated via the reprRust type...

CVE-2020-25573

An issue was discovered in the linked-hash-map crate before 0.5.3 for Rust. It creates an uninitialized NonNull pointer, which violates a non-null constraint...

CVE-2020-35919

An issue was discovered in the net2 crate before 0.2.36 for Rust. It has false expectations about the std::net::SocketAddr memory representation...

CVE-2020-35921

An issue was discovered in the miow crate before 0.3.6 for Rust. It has false expectations about the std::net::SocketAddr memory representation...

CVE-2020-35923

An issue was discovered in the ordered-float crate before 1.1.1 and 2.x before 2.0.1 for Rust. A NotNan value can contain a NaN...

CVE-2020-35900

An issue was discovered in the array-queue crate through 2020-09-26 for Rust. A popback call may lead to a use-after-free...

CVE-2020-35890

An issue was discovered in the ordnung crate through 2020-09-03 for Rust. compact::Vec violates memory safety via out-of-bounds access for large capacity...

CVE-2020-36436

An issue was discovered in the unicycle crate before 0.7.1 for Rust. PinSlab and Unordered do not have bounds on their Send and Sync traits...

CVE-2020-35898

An issue was discovered in the actix-utils crate before 2.0.0 for Rust. The Cell implementation allows obtaining more than one mutable reference to the same data...

CVE-2020-35882

An issue was discovered in the rocket crate before 0.4.5 for Rust. LocalRequest::clone creates more than one mutable references to the same object, possibly causing a data race...

CVE-2020-5499

Baidu Rust SGX SDK through 1.0.8 has an enclave ID race. There are non-deterministic results in which, sometimes, two global IDs are the same...

CVE-2020-36512

An issue was discovered in the buffoon crate through 2020-12-31 for Rust. InputStream::readexact may read from uninitialized memory locations...

CVE-2020-36435

An issue was discovered in the ruspiro-singleton crate before 0.4.1 for Rust. In Singleton, Send and Sync do not have bounds checks...

CVE-2020-36433

An issue was discovered in the chunky crate through 2020-08-25 for Rust. The Chunk API does not honor an alignment requirement...

CVE-2020-36432

An issue was discovered in the algds crate through 2020-08-25 for Rust. There is a drop of uninitialized memory in Matrix::new...

CVE-2020-36434

An issue was discovered in the sys-info crate before 0.8.0 for Rust. sysinfo::diskinfo calls can trigger a double free...

CVE-2020-35909

An issue was discovered in the multihash crate before 0.11.3 for Rust. The fromslice parsing code can panic via unsanitized data from a network server...

CVE-2020-35911

An issue was discovered in the lockapi crate before 0.4.2 for Rust. A data race can occur because of MappedRwLockReadGuard unsoundness...