Описание
An issue was discovered in the hyper crate before 0.9.4 for Rust on Windows. There is an HTTPS man-in-the-middle vulnerability because hostname verification was omitted.
Ссылки
- Release NotesThird Party Advisory
- Release NotesThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 0.9.4 (исключая)
Одновременно
cpe:2.3:a:hyper:hyper:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
EPSS
Процентиль: 42%
0.00203
Низкий
4.8 Medium
CVSS3
5.8 Medium
CVSS2
Дефекты
CWE-254
Связанные уязвимости
CVSS3: 4.8
debian
больше 6 лет назад
An issue was discovered in the hyper crate before 0.9.4 for Rust on Wi ...
CVSS3: 4.8
github
больше 4 лет назад
HTTPS MitM vulnerability due to lack of hostname verification
EPSS
Процентиль: 42%
0.00203
Низкий
4.8 Medium
CVSS3
5.8 Medium
CVSS2
Дефекты
CWE-254