4 matches found
`oncecell` was removed from crates.io for malicious code
This crate was part of a typosquatting malware cluster published by the malicious user amaperf and contained a malware payload in build.rs to exfiltrate host information to the attacker. This advisory is to retrospectively document this attempted attack. The version information and download recor...
Data races in conquer-once
Affected versions of conquer-once implements Sync for its OnceCell type without restricting it to Sendable types. This allows non-Send but Sync types such as MutexGuard to be sent across threads leading to undefined behavior and memory corruption in concurrent programs. The issue was fixed by...
RUSTSEC-2020-0101 conquer-once's OnceCell lacks Send bound for its Sync trait.
Affected versions of conquer-once implements Sync for its OnceCell type without restricting it to Sendable types. This allows non-Send but Sync types such as MutexGuard to be sent across threads leading to undefined behavior and memory corruption in concurrent programs. The issue was fixed by...
conquer-once's OnceCell lacks Send bound for its Sync trait.
Affected versions of conquer-once implements Sync for its OnceCell type without restricting it to Sendable types. This allows non-Send but Sync types such as MutexGuard to be sent across threads leading to undefined behavior and memory corruption in concurrent programs. The issue was fixed by...