OMGeeky/advisory-db
1
0
Fork 0
mirror of https://github.com/OMGeeky/advisory-db.git synced 2026-01-21 02:51:04 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
3338fcfb59cea5fcd7d2a4e7fe24cbc7cb778003
advisory-db/crates/atom/RUSTSEC-2020-0044.md
Alexis Mousset 84c633df9c Update aliases from GHSA OSV export (#1693)
2023-06-13 15:10:24 +02:00

623 B
Raw Blame History 

[advisory]
id = "RUSTSEC-2020-0044"
package = "atom"
aliases = ["CVE-2020-35897", "GHSA-9cg2-2j2h-59v9"]
cvss = "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"
date = "2020-09-21"
informational = "unsound"
url = "https://github.com/slide-rs/atom/issues/13"
categories = ["thread-safety"]

[versions]
patched = [">= 0.3.6"]

Unsafe Send implementation in Atom allows data races

The atom crate contains a security issue revolving around its implementation of the Send trait. It incorrectly allows any arbitrary type to be sent across threads potentially leading to use-after-free issues through memory races.