EUVD-2021-1707

Malware in sbrugna...

CVE-2020-36435

An issue was discovered in the ruspiro-singleton crate before 0.4.1 for Rust. In Singleton, Send and Sync do not have bounds checks...

ruspiro-boot (>=0.3.0 <=0.3.2), ruspiro-console (>=0.0.2 <=0.3.2) +6 more potentially affected by CVE-2020-36435 via ruspiro-singleton (>=0.0.2 <=0.3.1)

ruspiro-singleton CARGO version =0.0.2, =0.3.0, =0.0.2, =0.0.2, =0.3.0, =0.1.0, =0.0.2, =0.4.0, =0.0.2, =0.3.1 Source cves: CVE-2020-36435 Source advisory: OSV:GHSA-FQQ2-XP7M-XVM8...

Data race in ruspiro-singleton

Singleton is meant to be a static object that can be initialized lazily. In order to satisfy the requirement that static items must implement Sync, Singleton implemented both Sync and Send unconditionally. This allows for a bug where non-Sync types such as Cell can be used in singletons and cause...

CVE-2020-36435

An issue was discovered in the ruspiro-singleton crate before 0.4.1 for Rust. In Singleton, Send and Sync do not have bounds checks...

CVE-2020-36435

CVE-2020-36435 affects the Rust crate ruspiro-singleton prior to 0.4.1. The issue is that Singleton did not enforce bounds on Send and Sync, allowing non-Sync types (e.g., Cell) to be used in singletons and potentially cause data races. The vulnerability is captured across multiple catalogs (NVD,...

ruspiro-boot (>=0.3.0 <=0.3.2), ruspiro-console (>=0.0.2 <=0.3.2) +6 more potentially affected by CVE-2020-36435 via ruspiro-singleton (>=0.0.2 <=0.3.1)

ruspiro-singleton CARGO version =0.0.2, =0.3.0, =0.0.2, =0.0.2, =0.3.0, =0.1.0, =0.0.2, =0.4.0, =0.0.2, =0.3.1 Source cves: CVE-2020-36435 Source advisory: OSV:RUSTSEC-2020-0115...