2 matches found
algorithmia (=3.0.0-beta), approveapi (=0.1.0) +164 more potentially affected by CVE-2020-35863 via hyper (>=0.11.27 <=0.12.19)
hyper CARGO version =0.11.27, =0.1.0, =0.2.0, =1.5.0, =0.4.2, =0.1.0, =0.1.0, =0.37.0, =0.39.2 and more Source cves: CVE-2020-35863 Source advisory: OSV:GHSA-H3QR-RQ2J-74W4...
CVE-2020-35863
The CVE-2020-35863 entry concerns the hyper crate for Rust prior to 0.12.34, where HTTP request smuggling can lead to remote code execution in certain loopback HTTP server scenarios. Affected component: hyper (Rust crate); root cause: unsafe handling of HTTP requests enabling request smuggling an...