CVE-2020-35925

Name of the Vulnerable Software and Affected Versions magnetic crate versions prior to 2.0.1

Description An issue in the magnetic crate allows cross-thread sending of a non-Send type, which can cause a data race. The affected versions unconditionally implemented Sync and Send traits for MPMCConsumer and MPMCProducer types, enabling users to send types that do not implement the Send trait across thread boundaries.

Recommendations For versions prior to 2.0.1, update to version 2.0.1 or later, which includes the correction by adding the T: Send bound to affected Sync/Send trait implementations. As a temporary workaround, consider avoiding the use of MPMCConsumer and MPMCProducer types to send non-Send types across thread boundaries until the update is applied.