Race Condition Affecting process_lock package, versions *


Severity

Recommended
0.0
low
0
10

CVSS assessment by Snyk's Security Team. Learn more

Threat Intelligence

EPSS
0.23% (14th percentile)

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications
  • Snyk IDSNYK-RUST-PROCESSLOCK-10442549
  • published20 Jun 2025
  • disclosed24 May 2025
  • creditUnknown

Introduced: 24 May 2025

CVE-2025-48751  (opens in a new tab)
CWE-362  (opens in a new tab)

How to fix?

There is no fixed version for process_lock.

Overview

process_lock is a process lock impl multi process for rust.

Affected versions of this package are vulnerable to Race Condition through the unlock process. An attacker can induce a data race condition by exploiting the lack of proper synchronization mechanisms.

References

CVSS Base Scores

version 4.0
version 3.1