rustsec/advisory-db
1
0
Fork 0
mirror of https://github.com/rustsec/advisory-db.git synced 2025-12-27 01:54:07 -05:00
Code Issues Packages Projects Releases Wiki Activity
Files
main
advisory-db/crates/slock/RUSTSEC-2020-0135.md
Alexis Mousset 84c633df9c Update aliases from GHSA OSV export (#1693)
2023-06-13 15:10:24 +02:00

633 B
Raw Permalink Blame History 

[advisory]
id = "RUSTSEC-2020-0135"
package = "slock"
date = "2020-11-17"
url = "https://github.com/BrokenLamp/slock-rs/issues/2"
categories = ["memory-corruption", "thread-safety"]
aliases = ["CVE-2020-36455", "GHSA-83r8-p8v6-6gfm", "GHSA-mc36-5m36-hjh5"]
cvss = "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"

[versions]
patched = [">= 0.2.0"]

Slock allows sending non-Send types across thread boundaries

Slock<T> unconditionally implements Send/Sync.

Affected versions of this crate allows sending non-Send types to other threads, which can lead to data races and memory corruption due to the data race.