RUSTSEC-2020-0028

LocalRequest::clone creates multiple mutable references to the same object

Reported

May 27, 2020

Issued

October 1, 2020 (last modified: June 13, 2023)

Package

rocket (crates.io)

Type

INFO Unsound

Aliases

References

https://github.com/SergioBenitez/Rocket/issues/1312

CVSS Score

8.1 HIGH

CVSS Details

Attack vector: Network
Attack complexity: High
Privileges required: None
User interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High

CVSS Vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Patched

>=0.4.5

Unaffected

<0.4.0

Affected Functions

Version

rocket::local::LocalRequest::clone

<0.4.5, >=0.4.0

Description

The affected version of rocket contains a Clone trait implementation of LocalRequest that reuses the pointer to inner Request object. This causes data race in rare combinations of APIs if the original and the cloned objects are modified at the same time.

Advisory available under CC0-1.0 license.