CVE-2020-36455: Data races in slock
An issue was discovered in the slock crate through 2020-11-17 for Rust. Slock unconditionally implements Send and Sync.
References
- github.com/BrokenLamp/slock-rs
- github.com/BrokenLamp/slock-rs/commit/719df35f55b6cab4ca2a7f840347a06ecbd8aac6
- github.com/BrokenLamp/slock-rs/issues/2
- github.com/advisories/GHSA-mc36-5m36-hjh5
- nvd.nist.gov/vuln/detail/CVE-2020-36455
- raw.githubusercontent.com/rustsec/advisory-db/main/crates/slock/RUSTSEC-2020-0135.md
- rustsec.org/advisories/RUSTSEC-2020-0135.html
Code Behaviors & Features
Detect and mitigate CVE-2020-36455 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →