mirror of https://github.com/OMGeeky/advisory-db.git synced 2026-02-13 21:18:11 +01:00

Files

Yechan Bae b724f12a5b Update CVE numbers (#777 )

* Update CVE numbers

* Fix RUSTSEC-2020-0093

* Add another alias for async-h1 crate

2021-02-25 20:00:25 -05:00

730 B

Raw Blame History

[advisory]
id = "RUSTSEC-2020-0104"
package = "gfwx"
aliases = ["CVE-2020-36211"]
date = "2020-12-08"
url = "https://github.com/Devolutions/gfwx-rs/issues/7"
categories = ["memory-corruption", "thread-safety"]

[versions]
patched = [">= 0.3.0"]

ImageChunkMut needs bounds on its Send and Sync traits

In the affected versions of this crate, ImageChunkMut<'_, T> unconditionally implements Send and Sync, allowing to create data races.

This can result in a memory corruption or undefined behavior when non thread-safe types are moved and referenced across thread boundaries.

The flaw was corrected in commit e7fb2f5 by adding T: Send bound to the Send impl and adding T: Sync bound to the Sync impl.

730 B Raw Blame History

ImageChunkMut needs bounds on its Send and Sync traits

730 B

Raw Blame History