OMGeeky/advisory-db
1
0
Fork 0
mirror of https://github.com/OMGeeky/advisory-db.git synced 2026-01-21 02:51:04 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
3338fcfb59cea5fcd7d2a4e7fe24cbc7cb778003
advisory-db/crates/convec/RUSTSEC-2020-0125.md
Alexis Mousset 84c633df9c Update aliases from GHSA OSV export (#1693)
2023-06-13 15:10:24 +02:00

22 lines
822 B
Markdown
Raw Blame History

```toml
[advisory]
id = "RUSTSEC-2020-0125"
package = "convec"
date = "2020-11-24"
url = "https://github.com/krl/convec/issues/2"
categories = ["memory-corruption", "thread-safety"]
aliases = ["CVE-2020-36445", "GHSA-rpxm-vmr7-5f5f"]
cvss = "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
[versions]
patched = []
```
# convec::ConVec<T> unconditionally implements Send/Sync
Affected versions of this crate unconditionally implement Send/Sync for `ConVec<T>`.
This allows users to insert `T` that is not Send or not Sync.
This allows users to create data races by using non-Send types like `Arc<Cell<_>>` or `Rc<_>` as `T` in `ConVec<T>`. It is also possible to create data races by using types like `Cell<_>` or `RefCell<_>` as `T` (types that are `Send` but not `Sync`).
Such data races can lead to memory corruption.
Reference in New Issue View Git Blame Copy Permalink