EUVD-2022-3538

Malicious code in bioql PyPI...

CVE-2020-36202

An issue was discovered in the async-h1 crate before 2.3.0 for Rust. Request smuggling can occur when used behind a reverse proxy...

Async-h1 request smuggling possible with long unread bodies

An issue was discovered in the async-h1 crate before 2.3.0 for Rust. Request smuggling can occur when used behind a reverse proxy...

GHSA-C8RQ-CRXJ-MJ9M Async-h1 request smuggling possible with long unread bodies

An issue was discovered in the async-h1 crate before 2.3.0 for Rust. Request smuggling can occur when used behind a reverse proxy...

GHSA-4VR9-8CJF-VF9C Async-h1 request smuggling possible with long unread bodies

Impact This vulnerability affects any webserver that uses async-h1 behind a reverse proxy, including all such Tide applications. If the server does not read the body of a request which is longer than some buffer length, async-h1 will attempt to read a subsequent request from the body content...

Async-h1 request smuggling possible with long unread bodies

Impact This vulnerability affects any webserver that uses async-h1 behind a reverse proxy, including all such Tide applications. If the server does not read the body of a request which is longer than some buffer length, async-h1 will attempt to read a subsequent request from the body content...

CVE-2020-36202

An issue was discovered in the async-h1 crate before 2.3.0 for Rust. Request smuggling can occur when used behind a reverse proxy...

CVE-2020-36202

An issue was discovered in the async-h1 crate before 2.3.0 for Rust. Request smuggling can occur when used behind a reverse proxy...

Design/Logic Flaw

An issue was discovered in the async-h1 crate before 2.3.0 for Rust. Request smuggling can occur when used behind a reverse proxy...

CVE-2020-36202

An issue was discovered in the async-h1 crate before 2.3.0 for Rust. Request smuggling can occur when used behind a reverse proxy...

CVE-2020-36202

The CVE-2020-36202 issue affects the async-h1 crate for Rust prior to 2.3.0. When used behind a reverse proxy, request smuggling can occur if the proxy mishandles the request body, potentially allowing a smuggled request or forged headers on a shared connection. The impact described includes risk...

CVE-2020-26281

async-h1 is an asynchronous HTTP/1.1 parser for Rust crates.io. There is a request smuggling vulnerability in async-h1 before version 2.3.0. This vulnerability affects any webserver that uses async-h1 behind a reverse proxy, including all such Tide applications. If the server does not read the bo...

Cross site request forgery (csrf)

async-h1 is an asynchronous HTTP/1.1 parser for Rust crates.io. There is a request smuggling vulnerability in async-h1 before version 2.3.0. This vulnerability affects any webserver that uses async-h1 behind a reverse proxy, including all such Tide applications. If the server does not read the bo...

CVE-2020-26281 request smuggling in async-h1

async-h1 is an asynchronous HTTP/1.1 parser for Rust crates.io. There is a request smuggling vulnerability in async-h1 before version 2.3.0. This vulnerability affects any webserver that uses async-h1 behind a reverse proxy, including all such Tide applications. If the server does not read the bo...

CVE-2020-26281

CVE-2020-26281 affects the async-h1 crate (Rust) before version 2.3.0 when used behind a reverse proxy. The vulnerability arises when the server does not consume a request body beyond a buffer, allowing a smuggled request to be read from the body and potentially forge or manipulate forwarded head...

Async-h1 request smuggling possible with long unread bodies

This vulnerability affects any webserver that uses async-h1 behind a reverse proxy, including all such Tide applications. If the server does not read the body of a request which is longer than some buffer length, async-h1 will attempt to read a subsequent request from the body content starting at...