CVE-2020-35913 (Low) detected in lock_api-0.1.5.crate #31

mend-for-github-com · 2021-01-05T01:03:23Z

CVE-2020-35913 - Low Severity Vulnerability

Vulnerable Library - lock_api-0.1.5.crate

Wrappers to create fully-featured Mutex and RwLock types. Compatible with no_std.

Library home page: https://crates.io/api/v1/crates/lock_api/0.1.5/download

Dependency Hierarchy:

hyper-rustls-0.16.1.crate (Root Library)
- hyper-0.12.25.crate
  - tokio-tcp-0.1.3.crate
    - tokio-reactor-0.1.9.crate
      - parking_lot-0.7.1.crate
        
        ❌ lock_api-0.1.5.crate (Vulnerable Library)

Vulnerability Details

An issue was discovered in the lock_api crate before 0.4.2 for Rust. A data race can occur because of RwLockReadGuard unsoundness.

Publish Date: 2020-12-31

URL: CVE-2020-35913

CVSS 2 Score Details (1.9)

Base Score Metrics not available

mend-for-github-com bot added the security vulnerability Security vulnerability detected by WhiteSource label Jan 5, 2021

mend-for-github-com bot changed the title ~~CVE-2020-35913 (Medium) detected in lock_api-0.1.5.crate~~ CVE-2020-35913 (Low) detected in lock_api-0.1.5.crate Feb 15, 2021

mend-for-github-com bot mentioned this issue Feb 15, 2021

CVE-2020-35913 (Low) detected in lock_api-0.1.5.crate - autoclosed #30

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

CVE-2020-35913 (Low) detected in lock_api-0.1.5.crate #31

CVE-2020-35913 (Low) detected in lock_api-0.1.5.crate #31

mend-for-github-com bot commented Jan 5, 2021 •

edited

Loading

CVE-2020-35913 (Low) detected in lock_api-0.1.5.crate #31

CVE-2020-35913 (Low) detected in lock_api-0.1.5.crate #31

Comments

mend-for-github-com bot commented Jan 5, 2021 • edited Loading

CVE-2020-35913 - Low Severity Vulnerability

mend-for-github-com bot commented Jan 5, 2021 •

edited

Loading