OMGeeky/advisory-db
1
0
Fork 0
mirror of https://github.com/OMGeeky/advisory-db.git synced 2026-01-07 04:01:35 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
0f2bc2d6eefd4b1ba4fcef3caae4965dee8ed71e
advisory-db/crates/may_queue/RUSTSEC-2020-0111.md
Yechan Bae b724f12a5b Update CVE numbers (#777) 
* Update CVE numbers

* Fix RUSTSEC-2020-0093

* Add another alias for async-h1 crate
2021-02-25 20:00:25 -05:00

20 lines
639 B
Markdown
Raw Blame History

```toml
[advisory]
id = "RUSTSEC-2020-0111"
package = "may_queue"
aliases = ["CVE-2020-36217"]
date = "2020-11-10"
url = "https://github.com/Xudong-Huang/may/issues/88"
categories = ["memory-corruption", "thread-safety"]
keywords = ["concurrency"]
[versions]
patched = []
```
# may_queue's Queue lacks Send/Sync bound for its Send/Sync trait.
Affected versions of `may_queue` implements `Send`/`Sync` for its `Queue` type without restricting it to `Send`able types and `Sync`able types.
This allows non-`Sync` types such as `Cell` to be shared across threads leading to undefined behavior and memory corruption in concurrent programs.
Reference in New Issue View Git Blame Copy Permalink