Linux Distros Unpatched Vulnerability : CVE-2019-25009

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the http crate before 0.1.20 for Rust. The HeaderMap::Drain API can use a raw pointer, defeating soundness. CVE-2019-25009 Note that...

unicef-hope-aurora (>=1.7.0.dev639 <=1.7.0rc1) potentially affected by CVE-2025-13030 via django-mdeditor (=0.1.20)

django-mdeditor PYPI version =0.1.20 is affected by a known vulnerability. The following packages have a transitive dependency on django-mdeditor and may be impacted: - unicef-hope-aurora =1.7.0.dev639, =1.7.0rc1 Source cves: CVE-2025-13030 Source advisory: SNYK:PYTHON-DJANGOMDEDITOR-8630926...

SUSE CVE-2020-25574

An issue was discovered in the http crate before 0.1.20 for Rust. An integer overflow in HeaderMap::reserve could result in denial of service e.g., an infinite loop...

GHSA-XVC9-XWGJ-4CQ9 Duplicate Advisory: Integer Overflow in HeaderMap::reserve() can cause Denial of Service

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-x7vr-c387-8w57. This link is maintained to preserve external references. Original Description HeaderMap::reserve used usize::nextpoweroftwo to calculate the increased capacity. However, nextpoweroftwo silently...

GHSA-X7VR-C387-8W57 Integer Overflow/Infinite Loop in the http crate

HeaderMap::reserve used usize::nextpoweroftwo to calculate the increased capacity. However, nextpoweroftwo silently overflows to 0 if given a sufficiently large number in release mode. If the map was not empty when the overflow happens, the library will invoke self.grow0 and start infinite probin...

Double free in http

An issue was discovered in the http crate before 0.1.20 for Rust. The HeaderMap::Drain API can use a raw pointer, defeating soundness...

CVE-2019-25009

An issue was discovered in the http crate before 0.1.20 for Rust. The HeaderMap::Drain API can use a raw pointer, defeating soundness...

kanidm (>=0.1.0 <=0.1.1), kanidm_client (>=0.1.0 <=0.1.1) potentially affected by CVE-2020-35928 via concread (=0.1.20)

concread CARGO version =0.1.20 is affected by a known vulnerability. The following packages have a transitive dependency on concread and may be impacted: - kanidm =0.1.0, =0.1.0, =0.1.1 Source cves: CVE-2020-35928 Source advisory: OSV:RUSTSEC-2020-0092...

RUSTSEC-2019-0034 HeaderMap::Drain API is unsound

Affected versions of this crate incorrectly used raw pointer, which introduced unsoundness in its public safe API. Failing to drop the Drain struct causes double-free, and it is possible to violate Rust's alias rule and cause data race with Drain's Iterator implementation. The flaw was corrected ...

PT-2019-16426

Name of the Vulnerable Software and Affected Versions http crate versions prior to 0.1.20 Description An issue was discovered in the http crate for Rust, where the HeaderMap::Drain API can use a raw pointer, defeating soundness. This introduced unsoundness in its public safe API, potentially...