32 matches found
EUVD-2021-1930
Malware in sbrugna...
EUVD-2021-1881
Malware in sbrugna...
EUVD-2021-1602
Malware in sbrugna...
CVE-2020-25574
An issue was discovered in the http crate before 0.1.20 for Rust. An integer overflow in HeaderMap::reserve could result in denial of service e.g., an infinite loop...
SUSE CVE-2019-25009
An issue was discovered in the http crate before 0.1.20 for Rust. The HeaderMap::Drain API can use a raw pointer, defeating soundness...
SUSE CVE-2020-25574
An issue was discovered in the http crate before 0.1.20 for Rust. An integer overflow in HeaderMap::reserve could result in denial of service e.g., an infinite loop...
Duplicate Advisory: Integer Overflow in HeaderMap::reserve() can cause Denial of Service
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-x7vr-c387-8w57. This link is maintained to preserve external references. Original Description HeaderMap::reserve used usize::nextpoweroftwo to calculate the increased capacity. However, nextpoweroftwo silently...
GHSA-XVC9-XWGJ-4CQ9 Duplicate Advisory: Integer Overflow in HeaderMap::reserve() can cause Denial of Service
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-x7vr-c387-8w57. This link is maintained to preserve external references. Original Description HeaderMap::reserve used usize::nextpoweroftwo to calculate the increased capacity. However, nextpoweroftwo silently...
GHSA-X7VR-C387-8W57 Integer Overflow/Infinite Loop in the http crate
HeaderMap::reserve used usize::nextpoweroftwo to calculate the increased capacity. However, nextpoweroftwo silently overflows to 0 if given a sufficiently large number in release mode. If the map was not empty when the overflow happens, the library will invoke self.grow0 and start infinite probin...
Integer Overflow/Infinite Loop in the http crate
HeaderMap::reserve used usize::nextpoweroftwo to calculate the increased capacity. However, nextpoweroftwo silently overflows to 0 if given a sufficiently large number in release mode. If the map was not empty when the overflow happens, the library will invoke self.grow0 and start infinite probin...
GHSA-6RHX-HQXM-8P36 Double free in http
An issue was discovered in the http crate before 0.1.20 for Rust. The HeaderMap::Drain API can use a raw pointer, defeating soundness...
Double free in http
An issue was discovered in the http crate before 0.1.20 for Rust. The HeaderMap::Drain API can use a raw pointer, defeating soundness...
CVE-2021-38512
An issue was discovered in the actix-http crate before 3.0.0-beta.9 for Rust. HTTP/1 request smuggling aka HRS can occur, potentially leading to credential disclosure...
DEBIAN-CVE-2019-25009
An issue was discovered in the http crate before 0.1.20 for Rust. The HeaderMap::Drain API can use a raw pointer, defeating soundness...
CVE-2019-25009
An issue was discovered in the http crate before 0.1.20 for Rust. The HeaderMap::Drain API can use a raw pointer, defeating soundness...
UBUNTU-CVE-2019-25009
An issue was discovered in the http crate before 0.1.20 for Rust. The HeaderMap::Drain API can use a raw pointer, defeating soundness...
Null pointer dereference
An issue was discovered in the http crate before 0.1.20 for Rust. The HeaderMap::Drain API can use a raw pointer, defeating soundness...
CVE-2019-25009
An issue was discovered in the http crate before 0.1.20 for Rust. The HeaderMap::Drain API can use a raw pointer, defeating soundness...
Design/Logic Flaw
An issue was discovered in the actix-http crate before 2.0.0-alpha.1 for Rust. There is a use-after-free in BodyStream...
CVE-2019-25009
CVE-2019-25009 — Rust http crate vulnerability : Affected component is the http crate (pre-0.1.20). The issue lies in the HeaderMap::Drain API, which can use a raw pointer, defeating soundness and potentially leading to memory-safety problems. This affects Rust projects depending on that crate. T...