{"id":"RUSTSEC-2020-0148","summary":"Multiple soundness issues in `Ptr`","details":"Affected versions of this crate have the following issues:\n\n1. `Ptr` implements `Send` and `Sync` for all types, this can lead to data\n   races by sending non-thread safe types across threads.\n\n2. `Ptr::get` violates mutable alias rules by returning multiple mutable\n   references to the same object.\n\n3. `Ptr::write` uses non-atomic writes to the underlying pointer. This means\n   that when used across threads it can lead to data races.","aliases":["CVE-2020-36466","CVE-2020-36467","CVE-2020-36468","GHSA-f3mq-99jr-ww4r","GHSA-f9xr-3m55-5q2v","GHSA-pwhf-7427-9vv2"],"modified":"2024-03-15T00:05:22.909466Z","published":"2020-12-10T12:00:00Z","database_specific":{"license":"CC0-1.0"},"references":[{"type":"PACKAGE","url":"https://crates.io/crates/cgc"},{"type":"ADVISORY","url":"https://rustsec.org/advisories/RUSTSEC-2020-0148.html"},{"type":"REPORT","url":"https://github.com/playXE/cgc/issues/5"}],"affected":[{"package":{"name":"cgc","ecosystem":"crates.io","purl":"pkg:cargo/cgc"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0.0.0-0"}]}],"ecosystem_specific":{"affects":{"os":[],"functions":[],"arch":[]},"affected_functions":null},"database_specific":{"source":"https://github.com/rustsec/advisory-db/blob/osv/crates/RUSTSEC-2020-0148.json","informational":null,"cvss":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","categories":["memory-corruption"]}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}