GHSA-GCQF-3G44-VC9P [actix-files] Panic triggered by empty Range header in GET request for static file

Summary A GET request for a static file served by actix-files with an empty Range header triggers a panic. With panic = "abort", a remote user may crash the process on-demand. Details actix-files assumes that HttpRange::parse, when Ok, always returns a vector with at least one element. When parse...

[actix-files] Panic triggered by empty Range header in GET request for static file

Summary A GET request for a static file served by actix-files with an empty Range header triggers a panic. With panic = "abort", a remote user may crash the process on-demand. Details actix-files assumes that HttpRange::parse, when Ok, always returns a vector with at least one element. When parse...

[actix-files] Panic triggered by empty Range header in GET request for static file

A GET request for a static file served by actix-files with an empty Range header triggers a panic. With panic = "abort", a remote user may crash the process on-demand...

Improper Input Validation in once_cell

If during the first dereference of Lazy the initialization function panics, subsequent dereferences will execute std::hints::unreachableunchecked. Applications with panic = "abort" are not affected, as there will be no subsequent dereferences...