CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
Description
The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-26 · CAPEC-29
CVEs mapped to this weakness (1,091)
page 36 of 55| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-24686 | 0.00 | — | 0.01 | Feb 14, 2022 | HashiCorp Nomad and Nomad Enterprise 0.3.0 through 1.0.17, 1.1.11, and 1.2.5 artifact download functionality has a race condition such that the Nomad client agent could download the wrong artifact into the wrong destination. Fixed in 1.0.18, 1.1.12, and 1.2.6 | |||
| CVE-2021-45704 | — | 0.00 | — | 0.01 | Dec 26, 2021 | An issue was discovered in the metrics-util crate before 0.7.0 for Rust. There is a data race and memory corruption because AtomicBucket unconditionally implements the Send and Sync traits. | ||
| CVE-2021-45710 | — | 0.00 | — | 0.01 | Dec 26, 2021 | An issue was discovered in the tokio crate before 1.8.4, and 1.9.x through 1.13.x before 1.13.1, for Rust. In certain circumstances involving a closed oneshot channel, there is a data race and memory corruption. | ||
| CVE-2020-35216 | — | 0.00 | — | 0.01 | Dec 16, 2021 | An issue in Atomix v3.1.5 allows attackers to cause a denial of service (DoS) via false member down event messages. | ||
| CVE-2020-36435 | — | 0.00 | — | 0.01 | Aug 8, 2021 | An issue was discovered in the ruspiro-singleton crate before 0.4.1 for Rust. In Singleton, Send and Sync do not have bounds checks. | ||
| CVE-2020-36436 | — | 0.00 | — | 0.01 | Aug 8, 2021 | An issue was discovered in the unicycle crate before 0.7.1 for Rust. PinSlab and Unordered<T, S> do not have bounds on their Send and Sync traits. | ||
| CVE-2020-36437 | — | 0.00 | — | 0.01 | Aug 8, 2021 | An issue was discovered in the conqueue crate before 0.4.0 for Rust. There are unconditional implementations of Send and Sync for QueueSender. | ||
| CVE-2020-36438 | — | 0.00 | — | 0.01 | Aug 8, 2021 | An issue was discovered in the tiny_future crate before 0.4.0 for Rust. Future does not have bounds on its Send and Sync traits. | ||
| CVE-2020-36439 | — | 0.00 | — | 0.01 | Aug 8, 2021 | An issue was discovered in the ticketed_lock crate before 0.3.0 for Rust. There are unconditional implementations of Send for ReadTicket and WriteTicket. | ||
| CVE-2020-36440 | — | 0.00 | — | 0.01 | Aug 8, 2021 | An issue was discovered in the libsbc crate before 0.1.5 for Rust. For Decoder, it implements Send for any R: Read. | ||
| CVE-2020-36441 | — | 0.00 | — | 0.01 | Aug 8, 2021 | An issue was discovered in the abox crate before 0.4.1 for Rust. It implements Send and Sync for AtomicBox with no requirement for T: Send and T: Sync. | ||
| CVE-2020-36442 | — | 0.00 | — | 0.01 | Aug 8, 2021 | An issue was discovered in the beef crate before 0.5.0 for Rust. beef::Cow has no Sync bound on its Send trait. | ||
| CVE-2020-36444 | — | 0.00 | — | 0.01 | Aug 8, 2021 | An issue was discovered in the async-coap crate through 2020-12-08 for Rust. Send and Sync are implemented for ArcGuard<RC, T> without trait bounds on RC. | ||
| CVE-2020-36445 | — | 0.00 | — | 0.01 | Aug 8, 2021 | An issue was discovered in the convec crate through 2020-11-24 for Rust. There are unconditional implementations of Send and Sync for ConVec. | ||
| CVE-2020-36446 | — | 0.00 | — | 0.01 | Aug 8, 2021 | An issue was discovered in the signal-simple crate through 2020-11-15 for Rust. There are unconditional implementations of Send and Sync for SyncChannel. | ||
| CVE-2020-36448 | — | 0.00 | — | 0.01 | Aug 8, 2021 | An issue was discovered in the cache crate through 2020-11-24 for Rust. There are unconditional implementations of Send and Sync for Cache. | ||
| CVE-2020-36450 | — | 0.00 | — | 0.01 | Aug 8, 2021 | An issue was discovered in the bunch crate through 2020-11-12 for Rust. There are unconditional implementations of Send and Sync for Bunch. | ||
| CVE-2020-36451 | — | 0.00 | — | 0.01 | Aug 8, 2021 | An issue was discovered in the rcu_cell crate through 2020-11-14 for Rust. There are unconditional implementations of Send and Sync for RcuCell. | ||
| CVE-2020-36453 | — | 0.00 | — | 0.01 | Aug 8, 2021 | An issue was discovered in the scottqueue crate through 2020-11-15 for Rust. There are unconditional implementations of Send and Sync for Queue. | ||
| CVE-2020-36454 | — | 0.00 | — | 0.01 | Aug 8, 2021 | An issue was discovered in the parc crate through 2020-11-14 for Rust. LockWeak has an unconditional implementation of Send without trait bounds on T. |
- CVE-2022-24686Feb 14, 2022risk 0.00cvss —epss 0.01
HashiCorp Nomad and Nomad Enterprise 0.3.0 through 1.0.17, 1.1.11, and 1.2.5 artifact download functionality has a race condition such that the Nomad client agent could download the wrong artifact into the wrong destination. Fixed in 1.0.18, 1.1.12, and 1.2.6
- CVE-2021-45704Dec 26, 2021risk 0.00cvss —epss 0.01
An issue was discovered in the metrics-util crate before 0.7.0 for Rust. There is a data race and memory corruption because AtomicBucket unconditionally implements the Send and Sync traits.
- CVE-2021-45710Dec 26, 2021risk 0.00cvss —epss 0.01
An issue was discovered in the tokio crate before 1.8.4, and 1.9.x through 1.13.x before 1.13.1, for Rust. In certain circumstances involving a closed oneshot channel, there is a data race and memory corruption.
- CVE-2020-35216Dec 16, 2021risk 0.00cvss —epss 0.01
An issue in Atomix v3.1.5 allows attackers to cause a denial of service (DoS) via false member down event messages.
- CVE-2020-36435Aug 8, 2021risk 0.00cvss —epss 0.01
An issue was discovered in the ruspiro-singleton crate before 0.4.1 for Rust. In Singleton, Send and Sync do not have bounds checks.
- CVE-2020-36436Aug 8, 2021risk 0.00cvss —epss 0.01
An issue was discovered in the unicycle crate before 0.7.1 for Rust. PinSlab and Unordered<T, S> do not have bounds on their Send and Sync traits.
- CVE-2020-36437Aug 8, 2021risk 0.00cvss —epss 0.01
An issue was discovered in the conqueue crate before 0.4.0 for Rust. There are unconditional implementations of Send and Sync for QueueSender.
- CVE-2020-36438Aug 8, 2021risk 0.00cvss —epss 0.01
An issue was discovered in the tiny_future crate before 0.4.0 for Rust. Future does not have bounds on its Send and Sync traits.
- CVE-2020-36439Aug 8, 2021risk 0.00cvss —epss 0.01
An issue was discovered in the ticketed_lock crate before 0.3.0 for Rust. There are unconditional implementations of Send for ReadTicket and WriteTicket.
- CVE-2020-36440Aug 8, 2021risk 0.00cvss —epss 0.01
An issue was discovered in the libsbc crate before 0.1.5 for Rust. For Decoder, it implements Send for any R: Read.
- CVE-2020-36441Aug 8, 2021risk 0.00cvss —epss 0.01
An issue was discovered in the abox crate before 0.4.1 for Rust. It implements Send and Sync for AtomicBox with no requirement for T: Send and T: Sync.
- CVE-2020-36442Aug 8, 2021risk 0.00cvss —epss 0.01
An issue was discovered in the beef crate before 0.5.0 for Rust. beef::Cow has no Sync bound on its Send trait.
- CVE-2020-36444Aug 8, 2021risk 0.00cvss —epss 0.01
An issue was discovered in the async-coap crate through 2020-12-08 for Rust. Send and Sync are implemented for ArcGuard<RC, T> without trait bounds on RC.
- CVE-2020-36445Aug 8, 2021risk 0.00cvss —epss 0.01
An issue was discovered in the convec crate through 2020-11-24 for Rust. There are unconditional implementations of Send and Sync for ConVec.
- CVE-2020-36446Aug 8, 2021risk 0.00cvss —epss 0.01
An issue was discovered in the signal-simple crate through 2020-11-15 for Rust. There are unconditional implementations of Send and Sync for SyncChannel.
- CVE-2020-36448Aug 8, 2021risk 0.00cvss —epss 0.01
An issue was discovered in the cache crate through 2020-11-24 for Rust. There are unconditional implementations of Send and Sync for Cache.
- CVE-2020-36450Aug 8, 2021risk 0.00cvss —epss 0.01
An issue was discovered in the bunch crate through 2020-11-12 for Rust. There are unconditional implementations of Send and Sync for Bunch.
- CVE-2020-36451Aug 8, 2021risk 0.00cvss —epss 0.01
An issue was discovered in the rcu_cell crate through 2020-11-14 for Rust. There are unconditional implementations of Send and Sync for RcuCell.
- CVE-2020-36453Aug 8, 2021risk 0.00cvss —epss 0.01
An issue was discovered in the scottqueue crate through 2020-11-15 for Rust. There are unconditional implementations of Send and Sync for Queue.
- CVE-2020-36454Aug 8, 2021risk 0.00cvss —epss 0.01
An issue was discovered in the parc crate through 2020-11-14 for Rust. LockWeak has an unconditional implementation of Send without trait bounds on T.