Описание
An issue was discovered in the http crate before 0.1.20 for Rust. An integer overflow in HeaderMap::reserve() could result in denial of service (e.g., an infinite loop).
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| rust-http | fixed | 0.1.19-2 | package | |
| rust-http | no-dsa | buster | package |
Примечания
https://rustsec.org/advisories/RUSTSEC-2019-0033.html
https://github.com/hyperium/http/issues/352
Связанные уязвимости
CVSS3: 7.5
ubuntu
больше 5 лет назад
An issue was discovered in the http crate before 0.1.20 for Rust. An integer overflow in HeaderMap::reserve() could result in denial of service (e.g., an infinite loop).
CVSS3: 7.5
nvd
больше 5 лет назад
An issue was discovered in the http crate before 0.1.20 for Rust. An integer overflow in HeaderMap::reserve() could result in denial of service (e.g., an infinite loop).
CVSS3: 7.5
github
больше 4 лет назад
Integer Overflow/Infinite Loop in the http crate