Azure Linux 3.0 Security Update: rpm-ostree (CVE-2021-32714)

The version of rpm-ostree installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2021-32714 advisory. - hyper is an HTTP library for Rust. In versions prior to 0.14.10, hyper's HTTP server and client code had...

Linux Distros Unpatched Vulnerability : CVE-2021-32715

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - hyper is an HTTP library for rust. hyper's HTTP/1 server code had a flaw that incorrectly parses and accepts requests with a Content-Length header with a prefix...

Linux Distros Unpatched Vulnerability : CVE-2021-32714

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - hyper is an HTTP library for Rust. In versions prior to 0.14.10, hyper's HTTP server and client code had a flaw that could trigger an integer overflow when...

mitmproxy binaries embed a vulnerable python-hyper/h2 dependency

mitmproxy 12.1.1 and below embed python-hyper/h2 ≤ v4.2.0, which has a gap in its HTTP/2 header validation. This enables request smuggling attacks when mitmproxy is in a configuration where it translates HTTP/2 to HTTP/1. For example, this affects reverse proxies to http:// backends. It does not...

An issue was discovered in hyper v0.13.7. h2-0.2.4 Stream stacking occurs when the H2 component processes HTTP2 RST_STREAM frames. As a result the memory and CPU usage are high which can lead to a Denial of Service (DoS).

...

AZL-35217 CVE-2023-26964 affecting package rpm-ostree for versions less than 2024.4-1

An issue was discovered in hyper v0.13.7. h2-0.2.4 Stream stacking occurs when the H2 component processes HTTP2 RSTSTREAM frames. As a result, the memory and CPU usage are high which can lead to a Denial of Service DoS...

hyper 安全漏洞

hyperium hyper is an open source HTTP library for Rust. It is intended to be a building block for libraries and applications. A security vulnerability exists in hyper version v0.13.7, which stems from high memory and CPU usage and could lead to a denial of service DoS...

DEBIAN-CVE-2021-32715

hyper is an HTTP library for rust. hyper's HTTP/1 server code had a flaw that incorrectly parses and accepts requests with a Content-Length header with a prefixed plus sign, when it should have been rejected as illegal. This combined with an upstream HTTP proxy that doesn't parse such...

DEBIAN-CVE-2021-32714

hyper is an HTTP library for Rust. In versions prior to 0.14.10, hyper's HTTP server and client code had a flaw that could trigger an integer overflow when decoding chunk sizes that are too big. This allows possible data loss, or if combined with an upstream HTTP proxy that allows chunk sizes...

UBUNTU-CVE-2021-32714

hyper is an HTTP library for Rust. In versions prior to 0.14.10, hyper's HTTP server and client code had a flaw that could trigger an integer overflow when decoding chunk sizes that are too big. This allows possible data loss, or if combined with an upstream HTTP proxy that allows chunk sizes...

hyperium hyper 环境问题漏洞

hyperium hyper is an open source HTTP library for Rust. It is intended to be a building block for libraries and applications. A vulnerability exists in hyperium hyper, which arises from the hyper's HTTP/1 server incorrectly parsing and accepting requests with the "Content-Length" header...