crossbeam-epoch is vulnerable to Null Pointer Dereference
15
Low Risk
Affected versions of crossbeam-epoch are vulnerable to a null pointer dereference in the fmt::Pointer implementation for Atomic and Shared. These types can be constructed with a null pointer, but when formatted via Display or related formatting traits, the implementation calls as_ptr, which requires a valid pointer. Formatting a null Atomic or Shared value can trigger undefined behavior or crash the application.
You are affected if you are using a version that falls within the vulnerable range and your application formats Atomic or Shared values that may hold a null pointer (for example via Display or debug logging).
crossbeam-epoch is vulnerable to Null Pointer Dereference in versions 0.9.0 - 0.9.18.
Upgrade the crossbeam-epoch library to the patch version.
Connect your repositories to instantly see whether vulnerable or malicious packages exist in your codebase.
Free. No credit card required.

SOC 2Compliant
ISO 27001Compliant