{"id":"RUSTSEC-2020-0092","summary":"Send/Sync bound needed on V in `impl Send/Sync for ARCache\u003cK, V\u003e`","details":"Affected versions of this crate unconditionally implemented `Send`/`Sync` traits for `ARCache\u003cK, V\u003e` type.\n\nThis allows users to send/access types that do not implement `Send`/`Sync`, which can cause a data race.\n\nThe flaw was corrected in the 0.2.6 release by adding bounds `K: Send + Sync` & `V: Send + Sync` to affected `Send`/`Sync` trait implementations.","aliases":["CVE-2020-35928","GHSA-4xj5-vv9x-63jp"],"modified":"2023-11-01T04:53:08.964190Z","published":"2020-11-13T12:00:00Z","database_specific":{"license":"CC0-1.0"},"references":[{"type":"PACKAGE","url":"https://crates.io/crates/concread"},{"type":"ADVISORY","url":"https://rustsec.org/advisories/RUSTSEC-2020-0092.html"},{"type":"REPORT","url":"https://github.com/kanidm/concread/issues/48"}],"affected":[{"package":{"name":"concread","ecosystem":"crates.io","purl":"pkg:cargo/concread"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0.0.0-0"},{"fixed":"0.2.6"}]}],"ecosystem_specific":{"affected_functions":null,"affects":{"os":[],"arch":[],"functions":[]}},"database_specific":{"categories":["thread-safety"],"informational":"unsound","source":"https://github.com/rustsec/advisory-db/blob/osv/crates/RUSTSEC-2020-0092.json","cvss":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}]}