Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

4531 matches found

OSV
OSVadded 2020/11/17 12:0 p.m.13 views

RUSTSEC-2020-0087 TryMutex<T> allows sending non-Send type across threads

Affected versions of this crate unconditionally implemented Sync trait for TryMutex type. This allows users to put non-Send T type in TryMutex and send it to another thread, which can cause a data race. The flaw was corrected in the 0.3.0 release by adding T: Send bound for the Sync trait...

5.5CVSS5.2AI score0.00054EPSS
Exploits1References3
OSV
OSVadded 2020/11/16 12:0 p.m.16 views

RUSTSEC-2020-0115 Singleton lacks bounds on Send and Sync.

Singleton is meant to be a static object that can be initialized lazily. In order to satisfy the requirement that static items must implement Sync, Singleton implemented both Sync and Send unconditionally. This allows for a bug where non-Sync types such as Cell can be used in singletons and cause...

8.1CVSS7.8AI score0.00336EPSS
Exploits0References3
RustSec
RustSecadded 2020/11/16 12:0 p.m.13 views

Singleton lacks bounds on Send and Sync.

Singleton is meant to be a static object that can be initialized lazily. In order to satisfy the requirement that static items must implement Sync, Singleton implemented both Sync and Send unconditionally. This allows for a bug where non-Sync types such as Cell can be used in singletons and cause...

8.1CVSS1.4AI score0.00336EPSS
Exploits0Affected Software1
OSV
OSVadded 2020/11/15 12:0 p.m.17 views

RUSTSEC-2020-0133 Queue<T> should have a Send bound on its Send/Sync traits

Affected versions of this crate unconditionally implements Send/Sync for Queue. This allows 1 creating data races to a T: !Sync and 2 sending T: !Send to other threads, resulting in memory corruption or other undefined behavior...

8.1CVSS8.2AI score0.00363EPSS
Exploits1References3
RustSec
RustSecadded 2020/11/15 12:0 p.m.16 views

Queue<T> should have a Send bound on its Send/Sync traits

Affected versions of this crate unconditionally implements Send/Sync for Queue. This allows 1 creating data races to a T: !Sync and 2 sending T: !Send to other threads, resulting in memory corruption or other undefined behavior...

8.1CVSS3.8AI score0.00363EPSS
Exploits1
RustSec
RustSecadded 2020/11/15 12:0 p.m.19 views

SyncChannel<T> can move 'T: !Send' to other threads

Affected versions of this crate unconditionally implement Send/Sync for SyncChannel. SyncChannel doesn't provide access to &T but merely serves as a channel that consumes and returns owned T. Users can create UB in safe Rust by sending T: !Send to other threads with SyncChannel::send/recv APIs...

8.1CVSS3.9AI score0.00336EPSS
Exploits0
RustSec
RustSecadded 2020/11/15 12:0 p.m.19 views

Data race and memory safety issue in `Index`

The appendix crate implements a key-value mapping data structure called Index that is stored on disk. The crate allows for any type to inhabit the generic K and V type parameters and implements Send and Sync for them unconditionally. Using a type that is not marked as Send or Sync with Index can...

5.9CVSS2AI score0.0028EPSS
Exploits1
OSV
OSVadded 2020/11/15 12:0 p.m.14 views

RUSTSEC-2020-0126 SyncChannel<T> can move 'T: !Send' to other threads

Affected versions of this crate unconditionally implement Send/Sync for SyncChannel. SyncChannel doesn't provide access to &T but merely serves as a channel that consumes and returns owned T. Users can create UB in safe Rust by sending T: !Send to other threads with SyncChannel::send/recv APIs...

8.1CVSS7.9AI score0.00336EPSS
Exploits0References3
OSV
OSVadded 2020/11/15 12:0 p.m.9 views

RUSTSEC-2020-0116 PinSlab<T> and Unordered<T, S> need bounds on their Send/Sync traits

Affected versions of this crate unconditionally implemented Send & Sync for types PinSlab & Unordered. This allows sending non-Send types to other threads and concurrently accessing non-Sync types from multiple threads. This can result in a data race & memory corruption when types that provide...

8.1CVSS8.2AI score0.00336EPSS
Exploits0References3
RustSec
RustSecadded 2020/11/15 12:0 p.m.16 views

PinSlab<T> and Unordered<T, S> need bounds on their Send/Sync traits

Affected versions of this crate unconditionally implemented Send & Sync for types PinSlab & Unordered. This allows sending non-Send types to other threads and concurrently accessing non-Sync types from multiple threads. This can result in a data race & memory corruption when types that provide...

8.1CVSS1.7AI score0.00336EPSS
Exploits0Affected Software1
OSV
OSVadded 2020/11/14 12:0 p.m.17 views

RUSTSEC-2020-0134 `LockWeak<T>` allows to create data race to `T`.

In the affected versions of this crate, LockWeak unconditionally implemented Send with no trait bounds on T. LockWeak doesn't own T and only provides &T. This allows concurrent access to a non-Sync T, which can cause undefined behavior like data races...

8.1CVSS7.9AI score0.00281EPSS
Exploits1References3
RustSec
RustSecadded 2020/11/14 12:0 p.m.18 views

`LockWeak<T>` allows to create data race to `T`.

In the affected versions of this crate, LockWeak unconditionally implemented Send with no trait bounds on T. LockWeak doesn't own T and only provides &T. This allows concurrent access to a non-Sync T, which can cause undefined behavior like data races...

8.1CVSS4.8AI score0.00281EPSS
Exploits1
RustSec
RustSecadded 2020/11/13 12:0 p.m.12 views

Send/Sync bound needed on V in `impl Send/Sync for ARCache<K, V>`

Affected versions of this crate unconditionally implemented Send/Sync traits for ARCache type. This allows users to send/access types that do not implement Send/Sync, which can cause a data race. The flaw was corrected in the 0.2.6 release by adding bounds K: Send + Sync & V: Send + Sync to...

4.7CVSS2.9AI score0.00042EPSS
Exploits1Affected Software1
RustSec
RustSecadded 2020/11/12 12:0 p.m.22 views

Bunch<T> unconditionally implements Send/Sync

Affected versions of this crate unconditionally implements Send/Sync for Bunch. This allows users to insert T: !Sync to Bunch. It is possible to create a data race to a T: !Sync by invoking the Bunch::get API which returns &T from multiple threads. It is also possible to send T: !Send to other...

8.1CVSS3.7AI score0.00513EPSS
Exploits1
OSV
OSVadded 2020/11/12 12:0 p.m.14 views

RUSTSEC-2020-0130 Bunch<T> unconditionally implements Send/Sync

Affected versions of this crate unconditionally implements Send/Sync for Bunch. This allows users to insert T: !Sync to Bunch. It is possible to create a data race to a T: !Sync by invoking the Bunch::get API which returns &T from multiple threads. It is also possible to send T: !Send to other...

8.1CVSS7.9AI score0.00513EPSS
Exploits1References3
Veracode
Veracodeadded 2020/11/12 8:1 a.m.6 views

Denial Of Service (DoS)

cbor-sync is vulnerable to Denial Of Service. A Denial Of Service condition occurs when the server drains all the free memory during allocation of an unbounded length buffer...

3.6AI score
Exploits0
OSV
OSVadded 2020/11/10 12:0 p.m.12 views

RUSTSEC-2020-0137 AtomicBox<T> lacks bound on its Send and Sync traits allowing data races

AtomicBox is a Box type designed to be used across threads, however, it implements the Send and Sync traits for all types T. This allows non-Send types such as Rc and non-Sync types such as Cell to be used across thread boundaries which can trigger undefined behavior and memory corruption...

8.1CVSS7.9AI score0.00477EPSS
Exploits1References3
OSV
OSVadded 2020/11/10 12:0 p.m.13 views

RUSTSEC-2020-0140 `Shared` can cause a data race

Shared data structure in model crate implements Send and Sync traits regardless of the inner type. This allows safe Rust code to trigger a data race, which is undefined behavior in Rust. Users are advised to treat Shared as an unsafe type. It should not be used outside of the testing context, and...

8.1CVSS8AI score0.00363EPSS
Exploits1References3
OSV
OSVadded 2020/11/10 12:0 p.m.16 views

RUSTSEC-2020-0138 ReaderResult should be bounded by Sync

Affected versions of this crate implements Sync for ReaderResult with the trait bound T: Send, E: Send. Since matching on the public enum ReaderResult provides access to &T & &E, allowing data race to a non-Sync type T or E. This can result in a memory corruption when multiple threads concurrentl...

8.1CVSS8.2AI score0.00301EPSS
Exploits1References3
RustSec
RustSecadded 2020/11/10 12:0 p.m.19 views

ReaderResult should be bounded by Sync

Affected versions of this crate implements Sync for ReaderResult with the trait bound T: Send, E: Send. Since matching on the public enum ReaderResult provides access to &T & &E, allowing data race to a non-Sync type T or E. This can result in a memory corruption when multiple threads concurrentl...

8.1CVSS1.1AI score0.00301EPSS
Exploits1
Rows per page
Query Builder