gitarena icon indicating copy to clipboard operation
gitarena copied to clipboard

Published 20 hours ago verified publisher icon mellowagain

RUSTSEC-2022-0002: Unsoundness in `dashmap` references

Open github-actions[bot] opened this issue 2 years ago • 1 comments

Unsoundness in dashmap references

Details
Package dashmap
Version 5.0.0
URL https://github.com/xacrimon/dashmap/issues/167
Date 2022-01-10
Unaffected versions <5.0.0

Reference returned by some methods of Ref (and similar types) may outlive the Ref and escape the lock. This causes undefined behavior and may result in a segfault.

More information in dashmap#167 issue.

See advisory page for additional details.

github-actions[bot] avatar Jan 25 '22 01:01 github-actions[bot]

Dependency graph:

  • git-repository 0.13.0
    • git-pack 0.15.0
    • git-tempfile 1.0.3
      • dashmap 4.0.2 (affected crate)

mellowagain avatar Jan 25 '22 18:01 mellowagain