{"ecosystem":"cargo","package":"futures-task","version":null,"bugs":[{"id":4570,"ecosystem":"cargo","package_name":"futures-task","affected_version":"0.2.1","fixed_version":"0.3.6","bug_id":"osv:GHSA-r93v-9p5q-vhpf","title":"futures_task::waker may cause a use-after-free if used on a type that isn't 'static","description":"Affected versions of the crate did not properly implement a 'static lifetime bound on the waker function. This resulted in a use-after-free if Waker::wake() is called after original data had been dropped.\n\nThe flaw was corrected by adding 'static lifetime bound to the data waker takes.","severity":"high","status":"fixed","source":"osv","source_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-35906","labels":["CVE-2020-35906","RUSTSEC-2020-0060"],"created_at":"2026-04-26 03:01:20.050270+00:00","updated_at":"2026-04-26 03:01:20.050270+00:00"},{"id":4572,"ecosystem":"cargo","package_name":"futures-task","affected_version":"0.0.0-0","fixed_version":"0.3.5","bug_id":"osv:RUSTSEC-2020-0061","title":"futures_task::noop_waker_ref can segfault due to dereferencing a NULL pointer","description":"Affected versions of the crate used a `UnsafeCell` in thread-local storage to return a noop waker reference,\nassuming that the reference would never be returned from another thread.\n\nThis resulted in a segmentation fault crash if `Waker::wake_by_ref()` was called on a waker returned from another thread due to \nit attempting to dereference a pointer that wasn't accessible from the main thread.\n\nReproduction Example (from issue):\n```rust\nuse futures_task::noop_waker_ref;\nfn main() {\n    let waker = std::thread::spawn(|| noop_waker_ref()).join().unwrap();\n    waker.wake_by_ref();\n}\n```\n\nThe flaw was corrected by using a `OnceCell::Lazy<>` wrapper around the noop waker instead of thread-local storage.","severity":"medium","status":"fixed","source":"osv","source_url":"https://crates.io/crates/futures-task","labels":["CVE-2020-35907","GHSA-p9m5-3hj7-cp5r"],"created_at":"2026-04-26 03:01:20.058115+00:00","updated_at":"2026-04-26 03:01:20.058115+00:00"},{"id":4571,"ecosystem":"cargo","package_name":"futures-task","affected_version":"0.2.2-0","fixed_version":"0.3.6","bug_id":"osv:RUSTSEC-2020-0060","title":"futures_task::waker may cause a use-after-free if used on a type that isn't 'static","description":"Affected versions of the crate did not properly implement a `'static` lifetime bound on the `waker` function.\nThis resulted in a use-after-free if `Waker::wake()` is called after original data had been dropped.\n\nThe flaw was corrected by adding `'static` lifetime bound to the data `waker` takes.","severity":"medium","status":"fixed","source":"osv","source_url":"https://crates.io/crates/futures-task","labels":["CVE-2020-35906","GHSA-r93v-9p5q-vhpf"],"created_at":"2026-04-26 03:01:20.055450+00:00","updated_at":"2026-04-26 03:01:20.055450+00:00"},{"id":4569,"ecosystem":"cargo","package_name":"futures-task","affected_version":null,"fixed_version":"0.3.5","bug_id":"osv:GHSA-p9m5-3hj7-cp5r","title":"futures_task::noop_waker_ref can segfault due to dereferencing a NULL pointer","description":"Affected versions of the crate used a UnsafeCell in thread-local storage to return a noop waker reference, assuming that the reference would never be returned from another thread.\n\nThis resulted in a segmentation fault crash if Waker::wake_by_ref() was called on a waker returned from another thread due to it attempting to dereference a pointer that wasn't accessible from the main thread.","severity":"medium","status":"fixed","source":"osv","source_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-35907","labels":["CVE-2020-35907","RUSTSEC-2020-0061"],"created_at":"2026-04-26 03:01:20.039107+00:00","updated_at":"2026-04-26 03:01:20.039107+00:00"}],"total":4,"_cache":"hit"}