Описание
An issue was discovered in the hyper crate before 0.12.34 for Rust. HTTP request smuggling can occur. Remote code execution can occur in certain situations with an HTTP server on the loopback interface.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| rust-hyper | fixed | 0.12.35-1 | package |
Примечания
https://rustsec.org/advisories/RUSTSEC-2020-0008.html
https://github.com/hyperium/hyper/issues/1925
EPSS
Процентиль: 83%
0.02006
Низкий
Связанные уязвимости
CVSS3: 9.8
ubuntu
около 5 лет назад
An issue was discovered in the hyper crate before 0.12.34 for Rust. HTTP request smuggling can occur. Remote code execution can occur in certain situations with an HTTP server on the loopback interface.
CVSS3: 9.8
nvd
около 5 лет назад
An issue was discovered in the hyper crate before 0.12.34 for Rust. HTTP request smuggling can occur. Remote code execution can occur in certain situations with an HTTP server on the loopback interface.
EPSS
Процентиль: 83%
0.02006
Низкий