Categories ⋅ Keywords ⋅ Packages Advisories with keyword 'http' April 3, 2024 RUSTSEC-2024-0332: Vulnerability in h2 Degradation of service in h2 servers with CONTINUATION Flood January 24, 2024 RUSTSEC-2024-0008: Vulnerability in trillium-client Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting') January 24, 2024 RUSTSEC-2024-0009: Vulnerability in trillium-http Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting') January 17, 2024 RUSTSEC-2024-0003: Vulnerability in h2 Resource exhaustion vulnerability in h2 may lead to Denial of Service (DoS) November 6, 2023 LOW RUSTSEC-2023-0069: Vulnerability in sudo-rs sudo-rs: Path Traversal vulnerability April 20, 2023 RUSTSEC-2023-0034: Vulnerability in h2 Resource exhaustion vulnerability in h2 may lead to Denial of Service (DoS) January 29, 2023 RUSTSEC-2022-0082: Vulnerability in warp Improper validation of Windows paths could lead to directory traversal attack December 23, 2022 RUSTSEC-2022-0072: Vulnerability in hyper-staticfile Location header incorporates user input, allowing open redirect November 30, 2022 RUSTSEC-2022-0069: Vulnerability in hyper-staticfile Improper validation of Windows paths could lead to directory traversal attack August 5, 2022 RUSTSEC-2022-0043: Vulnerability in tower-http Improper validation of Windows paths could lead to directory traversal attack January 21, 2022 RUSTSEC-2021-0135 (withdrawn advisory) August 10, 2021 HIGH RUSTSEC-2021-0081: Vulnerability in actix-http Potential request smuggling capabilities due to lack of input validation August 8, 2021 MEDIUM RUSTSEC-2021-0078: Vulnerability in hyper Lenient hyper header parsing of Content-Length could allow request smuggling August 8, 2021 CRITICAL RUSTSEC-2021-0079: Vulnerability in hyper Integer overflow in hyper's parsing of the Transfer-Encoding header leads to data loss February 5, 2021 HIGH RUSTSEC-2021-0020: Vulnerability in hyper Multiple Transfer-Encoding headers misinterprets request payload December 18, 2020 RUSTSEC-2020-0093: Vulnerability in async-h1 Async-h1 request smuggling possible with long unread bodies October 1, 2020 MEDIUM RUSTSEC-2020-0031: Vulnerability in tiny_http HTTP Request smuggling through malformed Transfer Encoding headers October 1, 2020 CRITICAL RUSTSEC-2020-0008: Vulnerability in hyper Flaw in hyper allows request smuggling by sending a body in GET requests October 1, 2020 HIGH RUSTSEC-2019-0033: Vulnerability in http Integer Overflow in HeaderMap::reserve() can cause Denial of Service