mirror of
https://github.com/OMGeeky/advisory-db.git
synced 2026-02-23 15:38:27 +01:00
9f4f703a7a
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
17 lines
583 B
TOML
17 lines
583 B
TOML
[advisory]
|
|
id = "RUSTSEC-2020-0034"
|
|
package = "arr"
|
|
date = "2020-08-25"
|
|
title = "Multiple security issues including data race, buffer overflow, and uninitialized memory drop"
|
|
url = "https://github.com/sjep/array/issues/1"
|
|
description = """
|
|
`arr` crate contains multiple security issues. Specifically,
|
|
|
|
1. It incorrectly implements Sync/Send bounds, which allows to smuggle non-Sync/Send types across the thread boundary.
|
|
2. `Index` and `IndexMut` implementation does not check the array bound.
|
|
3. `Array::new_from_template()` drops uninitialized memory.
|
|
"""
|
|
|
|
[versions]
|
|
patched = []
|