RUSTSEC-2020-0139 on 2020-12-09: dces' World type can cause data races

The World type in dces is marked as Send without bounds on its EntityStore and ComponentStore.

This allows non-thread safe EntityStore and ComponentStores to be sent across threads and cause data races.

CVE-2020-36459

GHSA-hxw9-jxqw-jc8j

This crate has no reviews yet. To add a review, set up your cargo-crev.


Crates in the crates.io registry are tarball snapshots uploaded by crates' publishers. The registry is not using crates' git repositories. There is absolutely no guarantee that the repository URL declared by the crate belongs to the crate, or that the code in the repository is the code inside the published tarball. To review the actual code of the crate, it's best to use cargo crev open dces. Alternatively, you can download the tarball of dces v0.3.1 or view the source online.