{"id":"RUSTSEC-2020-0094","summary":"Unsound: can make `ARefss` contain a !Send, !Sync object.","details":"`ARefss\u003c'a, V\u003e` is a type that is assumed to contain objects that are `Send + Sync`.\n\nIn the affected versions of this crate,\n`Send`/`Sync` traits are unconditionally implemented for `ARefss\u003c'a, V\u003e`.\n\nBy using the `ARefss::map()` API, we can insert a `!Send` or `!Sync` object into `ARefss\u003c'a, V\u003e`. After that, it is possible to create a data race to the inner object of `ARefss\u003c'a, V\u003e`, which can lead to undefined behavior & memory corruption.\n\nThe flaw was corrected in commit 6dd7ca0 (https://github.com/diwic/reffers-rs/commit/6dd7ca0d50f2464df708975cdafcfaeeb6d41c66) by adding trait bound `V: Send + Sync` to `ARefss::map()` API.","aliases":["CVE-2020-36203","GHSA-39xg-8p43-h76x"],"modified":"2023-11-08T04:03:41.295805Z","published":"2020-12-01T12:00:00Z","database_specific":{"license":"CC0-1.0"},"references":[{"type":"PACKAGE","url":"https://crates.io/crates/reffers"},{"type":"ADVISORY","url":"https://rustsec.org/advisories/RUSTSEC-2020-0094.html"},{"type":"REPORT","url":"https://github.com/diwic/reffers-rs/issues/7"}],"affected":[{"package":{"name":"reffers","ecosystem":"crates.io","purl":"pkg:cargo/reffers"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0.0.0-0"},{"fixed":"0.6.1"}]}],"ecosystem_specific":{"affects":{"arch":[],"os":[],"functions":[]},"affected_functions":null},"database_specific":{"informational":"unsound","cvss":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H","source":"https://github.com/rustsec/advisory-db/blob/osv/crates/RUSTSEC-2020-0094.json","categories":["memory-corruption","thread-safety"]}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}]}