CVE-2025-4574
MEDIUMCrates.io Crossbeam-channel < 0.5.15 - Double Free
Title source: ruleDescription
In crossbeam-channel rust crate, the internal `Channel` type's `Drop` method has a race condition which could, in some circumstances, lead to a double-free that could result in memory corruption.
Scores
CVSS v3
6.5
EPSS
0.0038
EPSS Percentile
59.3%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
Classification
CWE
CWE-415
Status
draft
Affected Products (1)
crates.io/crossbeam-channel
< 0.5.15crates.io
Timeline
Published
May 13, 2025
Tracked Since
Feb 18, 2026