3 matches found
NeteaseCloudMusicRustApi (=0.1.1), RustMusic (=0.1.0) +171 more potentially affected by CVE-2020-35899 via actix-service (>=0.1.6 <=0.4.2)
actix-service CARGO version =0.1.6, =0.8.0, =0.1.8, =0.1.0, =0.1.0, =0.1.0, =0.4.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.1 and more Source cves: CVE-2020-35899 Source advisory: OSV:GHSA-WHC7-5P35-4WW2...
CVE-2020-35899
CVE-2020-35899 concerns the actix-service crate for Rust prior to 1.0.6, where a bespoke Cell implementation may allow obtaining multiple mutable references to the same data. This root cause can enable use-after-free-like behavior and memory corruption. Several connected sources confirm the issue...
NeteaseCloudMusicRustApi (=0.1.1), RustMusic (=0.1.0) +171 more potentially affected by CVE-2020-35899 via actix-service (>=0.1.6 <=0.4.2)
actix-service CARGO version =0.1.6, =0.8.0, =0.1.8, =0.1.0, =0.1.0, =0.1.0, =0.4.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.1 and more Source cves: CVE-2020-35899 Source advisory: OSV:RUSTSEC-2020-0046...