GHSA-pfjq-935c-4895
Suggest an improvement- Source
- https://github.com/advisories/GHSA-pfjq-935c-4895
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2021/08/GHSA-pfjq-935c-4895/GHSA-pfjq-935c-4895.json
- JSON Data
- https://api.osv.dev/v1/vulns/GHSA-pfjq-935c-4895
- Aliases
-
- CVE-2020-36447
- GHSA-3837-87vh-xq3w
- RUSTSEC-2020-0127
- Published
- 2021-08-25T21:00:37Z
- Modified
- 2023-11-08T04:03:45.399019Z
- Severity
-
- 8.1 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- Data races in v9
- Details
-
Affected versions of this crate unconditionally implement
SyncforSyncRef<T>. This definition allows data races if&Tis accessible through&SyncRef.SyncRef<T>derivesCloneandDebug, and the default implementations of those traits access&Tby invokingT::clone()&T::fmt(). It is possible to create data races & undefined behavior by concurrently invokingSyncRef<T>::clone()orSyncRef<T>::fmt()from multiple threads withT: !Sync. - Database specific
{ "nvd_published_at": null, "cwe_ids": [ "CWE-362" ], "severity": "HIGH", "github_reviewed": true, "github_reviewed_at": "2021-08-05T21:37:57Z" }- References
Affected packages
crates.io / v9
Package
- Name
- v9
- View open source insights on deps.dev
- Purl
- pkg:cargo/v9