CVE-2020-36472

Опубликовано: 08 авг. 2021

Источник: nvd

CVSS3: 5.9

CVSS2: 4.3

EPSS Низкий

Описание

An issue was discovered in the max7301 crate before 0.2.0 for Rust. The ImmediateIO and TransactionalIO types implement Sync for all Expander types that they contain.

Ссылки

https://raw.githubusercontent.com/rustsec/advisory-db/main/crates/max7301/RUSTSEC-2020-0152.md
Third Party Advisory
https://rustsec.org/advisories/RUSTSEC-2020-0152.html
Exploit
Issue Tracking
Patch
Third Party Advisory
https://raw.githubusercontent.com/rustsec/advisory-db/main/crates/max7301/RUSTSEC-2020-0152.md
Third Party Advisory
https://rustsec.org/advisories/RUSTSEC-2020-0152.html
Exploit
Issue Tracking
Patch
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:max7301_project:max7301:*:*:*:*:*:rust:*:*

Версия до 0.2.0 (исключая)

EPSS

Процентиль: 51%

0.0028

Низкий

5.9 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

GHSA-rmff-f8w9-c9rm