PT-2020-17590 · Rust · Buttplug

Published: 2020-12-18 · Updated: 2021-08-25 · CVE-2020-36218

CVSS v3.1: 5.9 (Medium)

Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

buttplug crate versions prior to 1.0.4

Description

The issue arises from ButtplugFutureStateShared not properly handling objects that do not implement Send or Sync, leading to potential data races and undefined behavior when moving non-Send types across thread boundaries or accessing non-Sync types from multiple threads. This can occur with types like Rc<T> for non-Send cases and Arc<Cell<_>> for non-Sync cases.

Recommendations

For buttplug crate versions prior to 1.0.4, update to version 1.0.4 or later to resolve the issue by allowing rustc to generate auto trait implementations with correct trait bounds on T.
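
The two patterns described above, side by side, as an added example that is not code from the buttplug crate. UnsoundShared and SoundShared are hypothetical stand-ins for a shared future state, and the implements! macro is a helper written for this example that reports whether rustc considers a type Send or Sync.

```rust
use std::cell::Cell;
use std::marker::PhantomData;
use std::rc::Rc;
use std::sync::{Arc, Mutex};

// Hypothetical stand-in: unconditional impls with no bound on T (the unsound pattern).
#[allow(dead_code)]
pub struct UnsoundShared<T>(Arc<Mutex<Option<T>>>);
unsafe impl<T> Send for UnsoundShared<T> {}
unsafe impl<T> Sync for UnsoundShared<T> {}

// Hypothetical stand-in: no manual impls. rustc derives Send/Sync from the field,
// so both hold only when T: Send (the bound Mutex places on its contents).
#[allow(dead_code)]
pub struct SoundShared<T>(Arc<Mutex<Option<T>>>);

// True if `$ty` implements `$bound`: the inherent const shadows the trait
// const only when the inherent impl's bound is satisfied.
macro_rules! implements {
    ($ty:ty: $bound:path) => {{
        trait Fallback { const YES: bool = false; }
        impl<T: ?Sized> Fallback for T {}
        #[allow(dead_code)]
        struct Probe<T: ?Sized>(PhantomData<T>);
        #[allow(dead_code)]
        impl<T: ?Sized + $bound> Probe<T> { const YES: bool = true; }
        <Probe<$ty>>::YES
    }};
}

// (Send, Sync) for payloads u32, Rc<u8> and Arc<Cell<u8>>, in that order.
pub fn unsound_bounds() -> [(bool, bool); 3] {
    [(implements!(UnsoundShared<u32>: Send), implements!(UnsoundShared<u32>: Sync)),
     (implements!(UnsoundShared<Rc<u8>>: Send), implements!(UnsoundShared<Rc<u8>>: Sync)),
     (implements!(UnsoundShared<Arc<Cell<u8>>>: Send), implements!(UnsoundShared<Arc<Cell<u8>>>: Sync))]
}

pub fn sound_bounds() -> [(bool, bool); 3] {
    [(implements!(SoundShared<u32>: Send), implements!(SoundShared<u32>: Sync)),
     (implements!(SoundShared<Rc<u8>>: Send), implements!(SoundShared<Rc<u8>>: Sync)),
     (implements!(SoundShared<Arc<Cell<u8>>>: Send), implements!(SoundShared<Arc<Cell<u8>>>: Sync))]
}

fn main() {
    println!("unsound: {:?}", unsound_bounds());
    println!("sound:   {:?}", sound_bounds());
}
```

With the manual impls removed, a wrapper around Rc<u8> or Arc<Cell<u8>> is rejected by the compiler wherever Send or Sync is required, which is the effect the recommendation describes.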

Related Identifiers

CVE-2020-36218
GHSA-R7RV-2RPH-HVHJ
RUSTSEC-2020-0112

Affected Products

Buttplug