PT-2019-14537 · Rust · Once Cell
Published 2019-09-01 · Updated 2021-08-25 · CVE-2019-16141
CVSS v3.1: 7.5 High
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions
once_cell crate versions prior to 1.0.1
Description
An issue was discovered in which a panic occurs during the initialization of Lazy. If the initialization function panics during the first dereference of Lazy, subsequent dereferences will execute std::hint::unreachable_unchecked. Applications with panic = "abort" are not affected.
Recommendations
For once_cell crate versions prior to 1.0.1, update to version 1.0.1 or later to resolve the issue. As a temporary workaround, consider setting panic = "abort" to prevent subsequent dereferences.
Fix
RCE
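The failure mode in the description, shown as an added sketch that is not once_cell's code: SafeLazy and demo are hypothetical names, and storing the initializer as an Option that is taken on first use is an assumption of this sketch. It shows the safe handling of a dereference that follows a panicked initializer, where the "already consumed" arm is a checked panic instead of std::hint::unreachable_unchecked. It requires Rust 1.70 or later for std::cell::OnceCell.

```rust
use std::cell::{Cell, OnceCell};
use std::panic::{catch_unwind, AssertUnwindSafe};

// Hypothetical, simplified lazily initialized value (not the once_cell type).
struct SafeLazy<T, F = fn() -> T> {
    cell: OnceCell<T>,
    init: Cell<Option<F>>,
}

impl<T, F: FnOnce() -> T> SafeLazy<T, F> {
    fn new(f: F) -> Self {
        SafeLazy { cell: OnceCell::new(), init: Cell::new(Some(f)) }
    }

    fn force(&self) -> &T {
        self.cell.get_or_init(|| match self.init.take() {
            Some(f) => f(),
            // The initializer was consumed by an earlier call that panicked,
            // so this arm IS reachable under panic = "unwind". It has to be a
            // checked panic; an unchecked "unreachable" hint here would be
            // undefined behaviour.
            None => panic!("lazy value poisoned by a panic in its initializer"),
        })
    }
}

// Dereferences a lazy value whose initializer panics, twice.
// Returns (first deref panicked, panic message of the second deref).
fn demo() -> (bool, String) {
    let lazy = SafeLazy::new(|| -> u32 { panic!("init failed") });
    let first = catch_unwind(AssertUnwindSafe(|| *lazy.force())).is_err();
    let second = catch_unwind(AssertUnwindSafe(|| *lazy.force()))
        .err()
        .and_then(|p| p.downcast_ref::<&str>().map(|s| s.to_string()))
        .unwrap_or_default();
    (first, second)
}

fn main() {
    let (first, second) = demo();
    println!("first deref panicked: {first}");
    println!("second deref panic message: {second}");
}
```

With panic = "abort" the process ends at the first panic, so the second dereference never happens.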
Affected Products
Once Cell