Affected versions do not enforce a `Sync` bound on the type of caller-provided value held in the plugin registry. References to these values are made accessible to arbitrary threads other than the one that constructed them.
A caller could use this flaw to submit thread-unsafe data into inventory, then access it as a reference simultaneously from multiple threads.
The flaw was corrected by enforcing that data submitted by the caller into inventory is `Sync`.
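The following is an added example, not code from the inventory crate: a constructed single-slot registry that stores a raw pointer and hands out shared references from any thread, with the `Sync` bound placed where the fix requires it. The names `Registry`, `Counter` and `hammer` are hypothetical.

```rust
use std::ptr;
use std::sync::atomic::{AtomicPtr, AtomicUsize, Ordering};
use std::thread;

// Constructed model: the slot is a raw pointer, so the compiler cannot see
// that `&T` escapes to other threads. `AtomicPtr<T>` is `Sync` for every `T`,
// which means `Registry<T>` is shareable even when `T` itself is not.
pub struct Registry<T: 'static> {
    slot: AtomicPtr<T>,
}

// The `Sync` bound here is the fix the advisory describes. Without it,
// `get` would hand `&T` for a thread-unsafe `T` to several threads at once.
impl<T: Sync + 'static> Registry<T> {
    pub const fn new() -> Self {
        Registry { slot: AtomicPtr::new(ptr::null_mut()) }
    }
    pub fn submit(&self, value: T) {
        // Leak the value so the reference handed out by `get` never dangles.
        self.slot.store(Box::leak(Box::new(value)), Ordering::Release);
    }
    pub fn get(&self) -> Option<&'static T> {
        // SAFETY: the pointer is null or came from `Box::leak` and is never
        // freed; `T: Sync` makes sharing `&T` across threads sound.
        unsafe { self.slot.load(Ordering::Acquire).as_ref() }
    }
}

// A thread-safe plugin value: interior mutability through an atomic.
pub struct Counter { hits: AtomicUsize }

// Reads the same submitted value from several threads at once.
pub fn hammer(threads: usize, per_thread: usize) -> usize {
    let registry = Registry::new();
    registry.submit(Counter { hits: AtomicUsize::new(0) });
    thread::scope(|s| {
        for _ in 0..threads {
            s.spawn(|| {
                let plugin = registry.get().expect("submitted above");
                for _ in 0..per_thread { plugin.hits.fetch_add(1, Ordering::Relaxed); }
            });
        }
    });
    registry.get().expect("submitted above").hits.load(Ordering::Relaxed)
}

fn main() {
    println!("{}", hammer(8, 10_000));
    // Rejected at compile time, because `std::cell::Cell<usize>` is not `Sync`:
    // Registry::new().submit(std::cell::Cell::new(0usize));
}
```

Removing `Sync` from the `impl` bound lets the commented-out `Cell` submission compile, which reproduces the class of unsoundness described above: unsynchronized interior mutability reachable from multiple threads.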
{ "license": "CC0-1.0" }