CVE-2020-36451

CVE-2020-36451 affects the Rust rcu_cell crate, where RcuCell unconditionally implements Send/Sync. This configuration allows sending T in a non-Send context and concurrent access to non-Sync T via RcuCell, creating a data-race risk and potential memory corruption. Public references from multiple...

CVE-2020-36452

The CVE-2020-36452 issue affects the Rust crate array-tools prior to 0.3.2. The vulnerability is in FixedCapacityDequeLike::clone(), which can drop uninitialized memory, causing memory corruption. CVSS info from NVD shows high to critical impact (base scores 7.5–9.8) with network attack vector an...

CVE-2020-36452

An issue was discovered in the array-tools crate before 0.3.2 for Rust. FixedCapacityDequeLike::clone has a drop of uninitialized memory...

CVE-2020-36453

The CVE-2020-36453 entry pertains to the Rust crate scottqueue, where the Queue type unconditionally implements Send and Sync up to 2020-11-15. This allows data races on T: !Sync and the possibility to send T: !Send across threads, leading to memory corruption or undefined behavior as stated in m...

CVE-2020-36453

An issue was discovered in the scottqueue crate through 2020-11-15 for Rust. There are unconditional implementations of Send and Sync for Queue...

CVE-2020-36454

An issue was discovered in the parc crate through 2020-11-14 for Rust. LockWeak has an unconditional implementation of Send without trait bounds on T...

CVE-2020-36454

CVE-2020-36454 concerns the Rust crate parc . The issue is that the type LockWeak has an unconditional implementation of Send without trait bounds on T , and it does not own the underlying data (it only provides &T ). This enables concurrent access to a non-Sync type, which can lead to undefined ...

CVE-2020-36455

The CVE-2020-36455 issue affects the Rust crate slock. The vulnerability stems from Slock unconditionally implementing Send and Sync, allowing non-Send types to be sent across threads. This can enable data races and memory corruption as various OSV/NVD entries describe the same core problem, with...

CVE-2020-36455

An issue was discovered in the slock crate through 2020-11-17 for Rust. Slock unconditionally implements Send and Sync...

CVE-2020-36456

An issue was discovered in the toolshed crate through 2020-11-15 for Rust. In CopyCell, the Send trait lacks bounds on the contained type...

CVE-2020-36456

The CVE-2020-36456 entry concerns the Rust crate toolshed, specifically the CopyCell type. The root cause is that the Send trait for CopyCell lacks bounds on the contained type, enabling potential data races when sending CopyCell across threads. Documented impact includes data race conditions due...

CVE-2020-36457

CVE-2020-36457 affects the lever crate for Rust, specifically versions before 0.1.1. The root cause is that an internal type, AtomicBox, implements Send and Sync for all types T, which enables non-Send types (e.g., Rc) and non-Sync types (e.g., Cell) to be used across thread boundaries. This can ...

CVE-2020-36457

An issue was discovered in the lever crate before 0.1.1 for Rust. AtomicBox implements the Send and Sync traits for all types T...

CVE-2020-36458

The CVE-2020-36458 issue concerns the Rust lexer crate, where ReaderResult has a Sync implementation bounded by T: Send, E: Send. This mis-bounding can allow a non-Sync T or E to be accessed across threads via &T or &E, creating a potential data race and memory corruption. Affected component: lex...

CVE-2020-36458

An issue was discovered in the lexer crate through 2020-11-10 for Rust. For ReaderResult, there is an implementation of Sync with a trait bound of T: Send, E: Send...

CVE-2020-36459

An issue was discovered in the dces crate through 2020-12-09 for Rust. The World type is marked as Send but lacks bounds on its EntityStore and ComponentStore...

CVE-2020-36459

The CVE-2020-36459 issue affects the Rust crate dces (World type) where World is marked as Send but lacks bounds on its EntityStore and ComponentStore . This can allow non-thread-safe stores to be sent across threads, potentially causing data races. Documented in multiple sources (e.g., RustSec a...

CVE-2020-36460

CVE-2020-36460 affects the Rust model crate: the Shared data structure implements Send and Sync regardless of the inner type, potentially enabling data races in safe Rust. Covered in multiple sources (NVD/RUSTSEC/RH Red Hat) with references to a contention issue; no explicit patch/version remedia...

CVE-2020-36460

An issue was discovered in the model crate through 2020-11-10 for Rust. The Shared data structure has an implementation of the Send and Sync traits without regard for the inner type...

CVE-2020-36461

The CVE-2020-36461 issue affects the Rust crate noise_search, where MvccRwLock is unconditionally Send/Sync. Multiple connected records document data races and aliasing violations when types that are not Send/Sync, such as Rc or Arc<Cell>, are contained inside MvccRwLock and moved across th...