4 matches found
GHSA-XVC9-XWGJ-4CQ9 Duplicate Advisory: Integer Overflow in HeaderMap::reserve() can cause Denial of Service
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-x7vr-c387-8w57. This link is maintained to preserve external references. Original Description HeaderMap::reserve used usize::nextpoweroftwo to calculate the increased capacity. However, nextpoweroftwo silently...
GHSA-X7VR-C387-8W57 Integer Overflow/Infinite Loop in the http crate
HeaderMap::reserve used usize::nextpoweroftwo to calculate the increased capacity. However, nextpoweroftwo silently overflows to 0 if given a sufficiently large number in release mode. If the map was not empty when the overflow happens, the library will invoke self.grow0 and start infinite probin...
Mozilla Rust Integer Overflow Vulnerability
Rust is a general-purpose, compiled programming language from the Mozilla Foundation. An integer overflow vulnerability exists in http in Mozilla Rust versions prior to 0.1.20, which stems from an integer overflow in HeaderMap::reserve when dealing with very large values, and can be exploited by ...
Integer overflow
An issue was discovered in the http crate before 0.1.20 for Rust. An integer overflow in HeaderMap::reserve could result in denial of service e.g., an infinite loop...