3 matches found
CVE-2020-35886
The CVE-2020-35886 issue concerns the arr crate (Rust) up to 2020-08-25. It describes a data race caused by smuggling non-Sync/Send types across a thread boundary, due to incorrect Sync/Send bounds. The connected records (NVD/NVD mirrors, Red Hat OSV/GHSA advisories, OSVGHSA entries) consistently...
CVE-2020-35888
The CVE-2020-35888 entry refers to the Rust arr crate (through 2020-08-25) with a bug where uninitialized memory is dropped by Array::new_from_template. NVD lists high severity (CVSSv2 7.5; CVSSv3.1 9.8) implying critical impact, network attack vector with low complexity and no authentication. Th...
CVE-2020-35887
CVE-2020-35887 affects the Rust arr crate, with a buffer overflow in Index and IndexMut reported through 2020-08-25. The available documents identify the vulnerable code paths in arr’s Index/IndexMut implementations but do not specify affected versions, patches, or mitigations. Other sources desc...