CVE-2020-35884

2020-12-3108:25:45

mitre

www.cve.org

6.3 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

44.1%

JSON

An issue was discovered in the tiny_http crate through 2020-06-16 for Rust. HTTP Request smuggling can occur via a malformed Transfer-Encoding header.

References

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M3JDNRE5RXJOWZZZF5QSCG4GUCSLTHF2/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VO6SRTCEPEYO2OX647I3H5XUWLFDRDWL/

rustsec.org/advisories/RUSTSEC-2020-0031.html