{"id":"RUSTSEC-2020-0023","summary":"Lifetime boundary for `raw_slice` and `raw_slice_mut` are incorrect","details":"The affected version of `rulinalg` has incorrect lifetime boundary definitions\nfor `RowMut::raw_slice` and `RowMut::raw_slice_mut`. They do not conform with\nRust's borrowing rule and allows the user to create multiple mutable references\nto the same location. This may result in unexpected calculation result and data\nrace if both references are used at the same time.","aliases":["CVE-2020-35879","GHSA-q2gj-9r85-p832"],"modified":"2023-11-08T04:03:37.134824Z","published":"2020-02-11T12:00:00Z","database_specific":{"license":"CC0-1.0"},"references":[{"type":"PACKAGE","url":"https://crates.io/crates/rulinalg"},{"type":"ADVISORY","url":"https://rustsec.org/advisories/RUSTSEC-2020-0023.html"},{"type":"REPORT","url":"https://github.com/AtheMathmo/rulinalg/issues/201"}],"affected":[{"package":{"name":"rulinalg","ecosystem":"crates.io","purl":"pkg:cargo/rulinalg"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0.4.0"}]}],"ecosystem_specific":{"affected_functions":null,"affects":{"functions":["rulinalg::matrix::RowMut::raw_slice","rulinalg::matrix::RowMut::raw_slice_mut"],"arch":[],"os":[]}},"database_specific":{"categories":[],"informational":null,"cvss":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","source":"https://github.com/rustsec/advisory-db/blob/osv/crates/RUSTSEC-2020-0023.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}