GHSA-mxv6-q98x-h958
Suggest an improvement- Source
- https://github.com/advisories/GHSA-mxv6-q98x-h958
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2021/08/GHSA-mxv6-q98x-h958/GHSA-mxv6-q98x-h958.json
- JSON Data
- https://api.osv.dev/v1/vulns/GHSA-mxv6-q98x-h958
- Aliases
-
- CVE-2020-36460
- RUSTSEC-2020-0140
- Published
- 2021-08-25T20:56:07Z
- Modified
- 2023-11-08T04:03:46.195914Z
- Severity
-
- 8.1 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- Data races in model
- Details
-
Shareddata structure inmodelcrate implementsSendandSynctraits regardless of the inner type. This allows safe Rust code to trigger a data race, which is undefined behavior in Rust.Users are advised to treat
Sharedas an unsafe type. It should not be used outside of the testing context, and care must be taken so that the testing code does not have a data race besides a race condition that is expected to be caught by the test. - Database specific
{ "nvd_published_at": "2021-08-08T06:15:00Z", "github_reviewed_at": "2021-08-18T21:17:33Z", "severity": "HIGH", "github_reviewed": true, "cwe_ids": [ "CWE-362", "CWE-843" ] }- References
Affected packages
crates.io / model
Package
- Name
- model
- View open source insights on deps.dev
- Purl
- pkg:cargo/model