Reported

August 31, 2020

Issued

October 1, 2020 (last modified: June 13, 2023)

Package

crayon (crates.io)

Type

INFO Unsound

Aliases

• CVE-2020-35889
• GHSA-m833-jv95-mfjh

References

• https://github.com/shawnscode/crayon/issues/87

CVSS Score

8.1 HIGH

CVSS Details

Attack Vector

Network

Attack Complexity

High

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality Impact

High

Integrity Impact

High

Availability Impact

High

CVSS Vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Patched

no patched versions

Description

Unsafe code in ObjectPool has time-of-check to time-of-use (TOCTOU) bug that can eventually lead to a memory safety violation. ObjectPool and HandlePool implicitly assumes that HandleLike trait methods are pure, i.e., they always return the same value. However, this assumption is unsound since HandleLike is a safe, public trait that allows a custom implementation.

Advisory available under CC0-1.0 license.