CVE-2020-36455

Name
CVE-2020-36455
Description
An issue was discovered in the slock crate through 2020-11-17 for Rust. Slock<T> unconditionally implements Send and Sync.
NVD Severity
high
Other trackers
Mailing lists
Exploits
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
MISC https://raw.githubusercontent.com/rustsec/advisory-db/main/crates/slock/RUSTSEC-2020-0135.md
MISC https://rustsec.org/advisories/RUSTSEC-2020-0135.html

Match rules

CPE URI Source package Min version Max version
cpe:2.3:a:brokenlamp:slock:*:*:*:*:*:rust:*:* slock >= None <= 2020-11-17

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
slock 3.14-community 1.4-r0 Sören Tempel <soeren+alpine@soeren-tempel.net> possibly vulnerable
slock 3.15-community 1.4-r0 Sören Tempel <soeren+alpine@soeren-tempel.net> possibly vulnerable
slock 3.16-community 1.4-r0 Sören Tempel <soeren+alpine@soeren-tempel.net> possibly vulnerable
slock 3.17-community 1.5-r0 Sören Tempel <soeren+alpine@soeren-tempel.net> possibly vulnerable
slock 3.18-community 1.5-r0 Sören Tempel <soeren+alpine@soeren-tempel.net> possibly vulnerable
slock 3.19-community 1.5-r0 Sören Tempel <soeren+alpine@soeren-tempel.net> possibly vulnerable
slock edge-community 1.5-r1 Sören Tempel <soeren+alpine@soeren-tempel.net> possibly vulnerable
slock 3.20-community 1.5-r1 Sören Tempel <soeren+alpine@soeren-tempel.net> possibly vulnerable