CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cvelist•added 2021/08/08 5:17 a.m.•14 views

CVE-2020-36441

An issue was discovered in the abox crate before 0.4.1 for Rust. It implements Send and Sync for AtomicBox with no requirement for T: Send and T: Sync...

CVE•added 2021/08/08 5:17 a.m.•115 views

CVE-2020-36441

CVE-2020-36441 affects the Rust crate abox (pre-0.4.1). AtomicBox is marked Send/Sync without requiring T: Send and T: Sync, which can undermine thread-safety guarantees and enable data races if T is not Send/Sync. Public disclosures and security records (e.g., RUSTSEC-2020-0121, GHSA data race e...

8.1CVSS7.9AI score0.00336EPSS

Cvelist•added 2021/08/08 5:17 a.m.•8 views

CVE-2020-36442

An issue was discovered in the beef crate before 0.5.0 for Rust. beef::Cow has no Sync bound on its Send trait...

Cvelist•added 2021/08/08 5:17 a.m.•12 views

CVE-2020-36444

An issue was discovered in the async-coap crate through 2020-12-08 for Rust. Send and Sync are implemented for ArcGuard without trait bounds on RC...

CVE•added 2021/08/08 5:17 a.m.•103 views

CVE-2020-36445

The CVE-2020-36445 issue affects the Rust crate convec, where ConVec provides unconditional Send/Sync implementations through 2020-11-24. Root cause: ConVec exposes Send and Sync for all T, enabling insertion of non-Send or non-Sync types (e.g., Arc<Cell> or Rc) and creating data races. Imp...

8.1CVSS8AI score0.00336EPSS

Cvelist•added 2021/08/08 5:17 a.m.•10 views

CVE-2020-36445

An issue was discovered in the convec crate through 2020-11-24 for Rust. There are unconditional implementations of Send and Sync for ConVec...

CVE•added 2021/08/08 5:16 a.m.•107 views

CVE-2020-36446

CVE-2020-36446 affects the signal-simple crate for Rust. The root cause is that SyncChannel is implemented as Send and Sync unconditionally, which allows moving or sharing owned T across threads. This can enable unsafe behavior when T is not Send, potentially causing data races and memory corrupt...

8.1CVSS7.9AI score0.00336EPSS

Cvelist•added 2021/08/08 5:16 a.m.•10 views

CVE-2020-36446

An issue was discovered in the signal-simple crate through 2020-11-15 for Rust. There are unconditional implementations of Send and Sync for SyncChannel...

Cvelist•added 2021/08/08 5:16 a.m.•14 views

CVE-2020-36448

An issue was discovered in the cache crate through 2020-11-24 for Rust. There are unconditional implementations of Send and Sync for Cache...

8.1AI score0.00477EPSS

CVE•added 2021/08/08 5:16 a.m.•173 views

CVE-2020-36448

The CVE-2020-36448 entry concerns the Rust cache crate, where unconditional implementations of Send/Sync for Cache allow non-Send or non-Sync K types to be used. The root cause is that Cache exposes Send/Sync without requiring K to implement these traits, enabling potential data races when non-Se...

8.1CVSS8AI score0.00477EPSS

CVE•added 2021/08/08 5:15 a.m.•94 views

CVE-2020-36450

The CVE-2020-36450 issue affects the Rust crate payload “bunch” (through 2020-11-12) where Bunch unconditionally implements Send and Sync. This design allows inserting T values that are not Send/Sync (e.g., T: !Send, T: !Sync) and using Bunch across threads (for example via Bunch::get() returning...

8.1CVSS8AI score0.00513EPSS

Cvelist•added 2021/08/08 5:15 a.m.•13 views

CVE-2020-36450

An issue was discovered in the bunch crate through 2020-11-12 for Rust. There are unconditional implementations of Send and Sync for Bunch...

8.1AI score0.00513EPSS

Cvelist•added 2021/08/08 5:15 a.m.•11 views

CVE-2020-36451

An issue was discovered in the rcucell crate through 2020-11-14 for Rust. There are unconditional implementations of Send and Sync for RcuCell...

8.1AI score0.00513EPSS

CVE•added 2021/08/08 5:15 a.m.•94 views

CVE-2020-36451

CVE-2020-36451 affects the Rust rcu_cell crate, where RcuCell unconditionally implements Send/Sync. This configuration allows sending T in a non-Send context and concurrent access to non-Sync T via RcuCell, creating a data-race risk and potential memory corruption. Public references from multiple...

8.1CVSS8AI score0.00513EPSS

Cvelist•added 2021/08/08 5:15 a.m.•17 views

CVE-2020-36453

An issue was discovered in the scottqueue crate through 2020-11-15 for Rust. There are unconditional implementations of Send and Sync for Queue...

8.1AI score0.00363EPSS

AlpineLinux•added 2021/08/08 5:14 a.m.•21 views

CVE-2020-36455

An issue was discovered in the slock crate through 2020-11-17 for Rust. Slock unconditionally implements Send and Sync...

8.1CVSS2AI score0.00513EPSS

Cvelist•added 2021/08/08 5:14 a.m.•15 views

CVE-2020-36455

An issue was discovered in the slock crate through 2020-11-17 for Rust. Slock unconditionally implements Send and Sync...

8.1AI score0.00513EPSS

Cvelist•added 2021/08/08 5:14 a.m.•9 views

CVE-2020-36457

An issue was discovered in the lever crate before 0.1.1 for Rust. AtomicBox implements the Send and Sync traits for all types T...

8.1AI score0.00477EPSS

CVE•added 2021/08/08 5:14 a.m.•102 views

CVE-2020-36457

CVE-2020-36457 affects the lever crate for Rust, specifically versions before 0.1.1. The root cause is that an internal type, AtomicBox, implements Send and Sync for all types T, which enables non-Send types (e.g., Rc) and non-Sync types (e.g., Cell) to be used across thread boundaries. This can ...

8.1CVSS7.9AI score0.00477EPSS