CVE-2020-25574

CVE-2020-25574 affects the Rust http crate prior to 0.1.20. An integer overflow in HeaderMap::reserve() could cause denial of service (for example, an infinite loop). The issue is confirmed by multiple sources (e.g., OSV and GHSA advisories) and was fixed in 0.1.20. Public exploitation details ar...

CVE-2019-25009

CVE-2019-25009 — Rust http crate vulnerability : Affected component is the http crate (pre-0.1.20). The issue lies in the HeaderMap::Drain API, which can use a raw pointer, defeating soundness and potentially leading to memory-safety problems. This affects Rust projects depending on that crate. T...