Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Security Advisories: GSA_kwCzR0hTQS0ycXY1LTdtdzUtajNjZ84AAyhH
spin-rs initialisation failure in `Once::try_call_once` can lead to undefined behaviour for other initialisers
Once::try_call_once is unsound if invoked more than once concurrently and any call fails to initialise successfully.
JSON: https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS0ycXY1LTdtdzUtajNjZ84AAyhH
Source: GitHub Advisory Database
Origin: Unspecified
Severity: Moderate
Classification: General
Published: 2 months ago
Updated: 2 months ago
Identifiers: GHSA-2qv5-7mw5-j3cg
References:
- https://github.com/mvdnes/spin-rs/issues/148
- https://rustsec.org/advisories/RUSTSEC-2023-0031.html
- https://github.com/advisories/GHSA-2qv5-7mw5-j3cg
Affected Packages
cargo:spin
Versions: >= 0.9.3, < 0.9.8Fixed in: 0.9.8