actix-web-opentelemetry (>=0.2.0 <=0.17.0), alopex-dataframe (=0.2.0) +197 more potentially affected by CVE-2026-43868 via thrift (>=0.0.4 <=0.17.0)

thrift CARGO version =0.0.4, =0.2.0, =0.3.0, =0.3.5, =0.3.5, =0.2.0, =0.7.0, =0.1.0, =0.1.0, =0.32.1, =0.2.1, =0.5.0 and more Source cves: CVE-2026-43868 Source advisory: OSV:GHSA-2F9F-GQ7V-9H6M...

EUVD-2022-6873

Malicious code in bioql PyPI...

Malicious code in axum-live-view (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 13a5a0a62bce34fe9622dd50cb22861f95c0e64bc3ac81d819fd4191380ce5e6 The OpenSSF Package Analysis project identified 'axum-live-view' @ 1.0.0 npm as malicious. It is considered malicious because: - The package...

MAL-2024-10235 Malicious code in axum-live-view (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 13a5a0a62bce34fe9622dd50cb22861f95c0e64bc3ac81d819fd4191380ce5e6 The OpenSSF Package Analysis project identified 'axum-live-view' @ 1.0.0 npm as malicious. It is considered malicious because: - The package...

Fedora: Security Advisory (FEDORA-2023-f81c1ab1e6)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 40 : rust-axum / rust-tokio-tungstenite / rust-tungstenite / rust-warp (2023-f81c1ab1e6)

The remote Fedora 40 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2023-f81c1ab1e6 advisory. - Update the axum crate to version 0.6.20. - Update the tokio-tungstenite crate to version 0.20.1. - Update the tungstenite crate to version 0.20.1. - Port...

GHSA-58J9-J2FJ-V8F4 SurrealDB vulnerable to Uncontrolled CPU Consumption via WebSocket Interface

SurrealDB depends on the tungstenite and tokio-tungstenite crates used by the axum crate, which handles connections to the SurrealDB WebSocket interface. On versions before 0.20.1, the tungstenite crate presented an issue which allowed the parsing of HTTP headers during the client handshake to...

Fedora: Security Advisory for rust-axum (FEDORA-2023-9c4142423a)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 38 Update: rust-axum-0.6.20-1.fc38

Web framework that focuses on ergonomics and modularity...

[SECURITY] Fedora 37 Update: rust-axum-0.6.20-1.fc37

Web framework that focuses on ergonomics and modularity...

Fedora 38 : rust-axum / rust-tokio-tungstenite / rust-tungstenite / rust-warp (2023-9c4142423a)

The remote Fedora 38 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2023-9c4142423a advisory. - Update the axum crate to version 0.6.20. - Update the tokio-tungstenite crate to version 0.20.1. - Update the tungstenite crate to version 0.20.1. - Port...

Fedora: Security Advisory for rust-axum (FEDORA-2023-91a66898d2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 39 Update: rust-axum-0.6.20-1.fc39

Web framework that focuses on ergonomics and modularity...

ahecha (>=0.0.5 <=0.0.9), ahecha_html (>=0.0.2 <=0.0.8) +79 more potentially affected by CVE-2022-3212 via axum-core (=0.1.2)

axum-core CARGO version =0.1.2 is affected by a known vulnerability. The following packages have a transitive dependency on axum-core and may be impacted: - ahecha =0.0.5, =0.0.2, =0.0.2, =0.1.0, =3.0.14, =0.14.0, =0.33.0, =0.4.0, =0.1.0, =0.1.1 - axum-client-ip =0.1.0 - axum-core =0.2.0 and more...

axum-core has no default limit put on request bodies

::fromrequest would not, by default, set a limit for the size of the request body. That meant if a malicious peer would send a very large or infinite body your server might run out of memory and crash. This also applies to these extractors which used Bytes::fromrequest internally: -...

GHSA-M77F-652Q-WWP4 axum-core has no default limit put on request bodies

::fromrequest would not, by default, set a limit for the size of the request body. That meant if a malicious peer would send a very large or infinite body your server might run out of memory and crash. This also applies to these extractors which used Bytes::fromrequest internally: -...

CVE-2022-3212

::fromrequest would not, by default, set a limit for the size of the request body. That meant if a malicious peer would send a very large or infinite body your server might run out of memory and crash. This also applies to these extractors which used Bytes::fromrequest internally:...

CVE-2022-3212 DoS in axum-core due to missing request size limit

::fromrequest would not, by default, set a limit for the size of the request body. That meant if a malicious peer would send a very large or infinite body your server might run out of memory and crash. This also applies to these extractors which used Bytes::fromrequest internally:...

axum 安全漏洞

axum is a Tokio open source web application framework focused on ergonomics and modularity. A security vulnerability exists in axum that stems from the fact that it does not limit the size of files, causing it to run out of memory and crash...

RUSTSEC-2022-0055 No default limit put on request bodies

::fromrequest would not, by default, set a limit for the size of the request body. That meant if a malicious peer would send a very large or infinite body your server might run out of memory and crash. This also applies to these extractors which used Bytes::fromrequest internally: -...