2 matches found
efw (=0.1.0) potentially affected by CVE-2020-36209 via late-static (=0.3.0)
late-static CARGO version =0.3.0 is affected by a known vulnerability. The following packages have a transitive dependency on late-static and may be impacted: - efw =0.1.0 Source cves: CVE-2020-36209 Source advisory: OSV:GHSA-WR55-MF5C-HHWM...
CVE-2020-36209
CVE-2020-36209 concerns the late-static crate (pre-0.4.0) for Rust. The issue arises because Sync is implemented for LateStatic with T: Send, enabling a data race on a type that is Send but not Sync (e.g., Cell). This can lead to memory corruption or undefined behavior as described in multiple so...