0.3.1

CVSS 4.6 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

local

low complexity

conquer-once-project

NVD

Published: 2021-01-26

Updated: 2021-07-21

Summary

An issue was discovered in the conquer-once crate before 0.3.2 for Rust. Thread crossing can occur for a non-Send but Sync type, leading to memory corruption.

Vulnerable Configurations

Part	Description	Count
Application	Conquer-Once_Project Conquer Once Project Conquer Once - Conquer Once Project Conquer Once 0.3.0 Conquer Once Project Conquer Once 0.3.1	3

References

https://rustsec.org/advisories/RUSTSEC-2020-0101.html