2 matches found
crayon-audio (>=0.6.0 <=0.7.1) potentially affected by CVE-2020-35889 via crayon (>=0.6.0 <=0.7.1)
crayon CARGO version =0.6.0, =0.6.0, =0.7.1 Source cves: CVE-2020-35889 Source advisory: OSV:GHSA-M833-JV95-MFJH...
CVE-2020-35889
CVE-2020-35889 affects the Rust crayon crate. The issue is a time-of-check to time-of-use (TOCTOU) memory-safety vulnerability in the HandleLike handling (ObjectPool/HandlePool) that can enable memory-safety violations. Root cause is a misbehaving HandleLike implementation, documented in the RUST...