CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Prion•added 2021/08/08 6:15 a.m.•13 views

Code injection

An issue was discovered in the scottqueue crate through 2020-11-15 for Rust. There are unconditional implementations of Send and Sync for Queue...

6.8CVSS8AI score0.01098EPSS

Exploits1References2Affected Software1

OSV•added 2021/08/08 6:15 a.m.•1 views

UBUNTU-CVE-2020-36471

An issue was discovered in the generator crate before 0.7.0 for Rust. It does not ensure that a function for yielding values has Send bounds...

5.9CVSS5.8AI score0.01094EPSS

Exploits1References4

CVE•added 2021/08/08 5:19 a.m.•105 views

CVE-2020-36435

CVE-2020-36435 affects the Rust crate ruspiro-singleton prior to 0.4.1. The issue is that Singleton did not enforce bounds on Send and Sync, allowing non-Sync types (e.g., Cell) to be used in singletons and potentially cause data races. The vulnerability is captured across multiple catalogs (NVD,...

8.1CVSS8AI score0.00766EPSS

Cvelist•added 2021/08/08 5:18 a.m.•16 views

CVE-2020-36436

An issue was discovered in the unicycle crate before 0.7.1 for Rust. PinSlab and Unordered do not have bounds on their Send and Sync traits...

Cvelist•added 2021/08/08 5:18 a.m.•9 views

CVE-2020-36437

An issue was discovered in the conqueue crate before 0.4.0 for Rust. There are unconditional implementations of Send and Sync for QueueSender...

8.1AI score0.00847EPSS

CVE•added 2021/08/08 5:18 a.m.•112 views

CVE-2020-36438

The CVE-2020-36438 issue affects the Rust crate tiny_future (before version 0.4.0), where Future lacks bounds on Send and Sync. The result is a potential data race when using non-thread-safe types (e.g., Cell) inside futures, as described by multiple sources (e.g., GHSA and OSV entries referencin...

CVE•added 2021/08/08 5:18 a.m.•111 views

CVE-2020-36439

The CVE-2020-36439 entry concerns the Rust crate ticketed_lock prior to 0.3.0, which unconditionally implemented Send for ReadTicket and WriteTicket. This allows sending non-Send T across threads, enabling data races with internal mutability and potentially memory corruption or undefined behavior...

Cvelist•added 2021/08/08 5:18 a.m.•16 views

CVE-2020-36439

An issue was discovered in the ticketedlock crate before 0.3.0 for Rust. There are unconditional implementations of Send for ReadTicket and WriteTicket...

Cvelist•added 2021/08/08 5:18 a.m.•12 views

CVE-2020-36440

An issue was discovered in the libsbc crate before 0.1.5 for Rust. For Decoder, it implements Send for any R: Read...

CVE•added 2021/08/08 5:17 a.m.•117 views

CVE-2020-36441

CVE-2020-36441 affects the Rust crate abox (pre-0.4.1). AtomicBox is marked Send/Sync without requiring T: Send and T: Sync, which can undermine thread-safety guarantees and enable data races if T is not Send/Sync. Public disclosures and security records (e.g., RUSTSEC-2020-0121, GHSA data race e...

Cvelist•added 2021/08/08 5:17 a.m.•15 views

CVE-2020-36441

An issue was discovered in the abox crate before 0.4.1 for Rust. It implements Send and Sync for AtomicBox with no requirement for T: Send and T: Sync...

Cvelist•added 2021/08/08 5:17 a.m.•9 views

CVE-2020-36442

An issue was discovered in the beef crate before 0.5.0 for Rust. beef::Cow has no Sync bound on its Send trait...

Cvelist•added 2021/08/08 5:17 a.m.•14 views

CVE-2020-36444

An issue was discovered in the async-coap crate through 2020-12-08 for Rust. Send and Sync are implemented for ArcGuard without trait bounds on RC...

CVE•added 2021/08/08 5:17 a.m.•104 views

CVE-2020-36445

The CVE-2020-36445 issue affects the Rust crate convec, where ConVec provides unconditional Send/Sync implementations through 2020-11-24. Root cause: ConVec exposes Send and Sync for all T, enabling insertion of non-Send or non-Sync types (e.g., Arc<Cell> or Rc) and creating data races. Imp...

8.1CVSS8AI score0.00766EPSS

Cvelist•added 2021/08/08 5:17 a.m.•12 views

CVE-2020-36445

An issue was discovered in the convec crate through 2020-11-24 for Rust. There are unconditional implementations of Send and Sync for ConVec...

CVE•added 2021/08/08 5:16 a.m.•112 views

CVE-2020-36446

CVE-2020-36446 affects the signal-simple crate for Rust. The root cause is that SyncChannel is implemented as Send and Sync unconditionally, which allows moving or sharing owned T across threads. This can enable unsafe behavior when T is not Send, potentially causing data races and memory corrupt...

Cvelist•added 2021/08/08 5:16 a.m.•10 views

CVE-2020-36446

An issue was discovered in the signal-simple crate through 2020-11-15 for Rust. There are unconditional implementations of Send and Sync for SyncChannel...