Vulnerability Details CVE-2017-20004
In the standard library in Rust before 1.19.0, there is a synchronization problem in the MutexGuard object. MutexGuards can be used across threads with any types, allowing for memory safety issues through race conditions.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 47.4%
CVSS Severity
CVSS v3 Score 5.9
CVSS v2 Score 4.3
References
Products affected by CVE-2017-20004
-
cpe:2.3:a:rust-lang:rust:0.1
-
cpe:2.3:a:rust-lang:rust:0.10
-
cpe:2.3:a:rust-lang:rust:0.11.0
-
cpe:2.3:a:rust-lang:rust:0.12.0
-
cpe:2.3:a:rust-lang:rust:0.2
-
cpe:2.3:a:rust-lang:rust:0.3
-
cpe:2.3:a:rust-lang:rust:0.3.1
-
cpe:2.3:a:rust-lang:rust:0.4
-
cpe:2.3:a:rust-lang:rust:0.5
-
cpe:2.3:a:rust-lang:rust:0.6
-
cpe:2.3:a:rust-lang:rust:0.7
-
cpe:2.3:a:rust-lang:rust:0.8
-
cpe:2.3:a:rust-lang:rust:0.9
-
cpe:2.3:a:rust-lang:rust:1.0.0
-
cpe:2.3:a:rust-lang:rust:1.1.0
-
cpe:2.3:a:rust-lang:rust:1.10.0
-
cpe:2.3:a:rust-lang:rust:1.11.0
-
cpe:2.3:a:rust-lang:rust:1.12.0
-
cpe:2.3:a:rust-lang:rust:1.12.1
-
cpe:2.3:a:rust-lang:rust:1.13.0
-
cpe:2.3:a:rust-lang:rust:1.14.0
-
cpe:2.3:a:rust-lang:rust:1.15.0
-
cpe:2.3:a:rust-lang:rust:1.15.1
-
cpe:2.3:a:rust-lang:rust:1.16.0
-
cpe:2.3:a:rust-lang:rust:1.17.0
-
cpe:2.3:a:rust-lang:rust:1.18.0
-
cpe:2.3:a:rust-lang:rust:1.2.0
-
cpe:2.3:a:rust-lang:rust:1.3.0
-
cpe:2.3:a:rust-lang:rust:1.4.0
-
cpe:2.3:a:rust-lang:rust:1.5.0
-
cpe:2.3:a:rust-lang:rust:1.6.0
-
cpe:2.3:a:rust-lang:rust:1.7.0
-
cpe:2.3:a:rust-lang:rust:1.8.0
-
cpe:2.3:a:rust-lang:rust:1.9.0