Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2021-21299

Опубликовано: 11 фев. 2021
Источник: nvd
CVSS3: 4.8
CVSS3: 8.1
CVSS2: 6.8
EPSS Низкий

Описание

hyper is an open-source HTTP library for Rust (crates.io). In hyper from version 0.12.0 and before versions 0.13.10 and 0.14.3 there is a vulnerability that can enable a request smuggling attack. The HTTP server code had a flaw that incorrectly understands some requests with multiple transfer-encoding headers to have a chunked payload, when it should have been rejected as illegal. This combined with an upstream HTTP proxy that understands the request payload boundary differently can result in "request smuggling" or "desync attacks". To determine if vulnerable, all these things must be true: 1) Using hyper as an HTTP server (the client is not affected), 2) Using HTTP/1.1 (HTTP/2 does not use transfer-encoding), 3) Using a vulnerable HTTP proxy upstream to hyper. If an upstream proxy correctly rejects the illegal transfer-encoding headers, the desync attack cannot succeed. If there is no proxy upstream of hyper, hyper cannot start the desync attack, as the client will repair the headers

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:hyper:hyper:*:*:*:*:*:rust:*:*
Версия от 0.12.0 (включая) до 0.13.10 (исключая)
cpe:2.3:a:hyper:hyper:*:*:*:*:*:rust:*:*
Версия от 0.14.0 (включая) до 0.14.3 (исключая)

EPSS

Процентиль: 68%
0.00577
Низкий

4.8 Medium

CVSS3

8.1 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-444

Связанные уязвимости

ubuntu логотип

CVE-2021-21299

CVSS3: 4.8
ubuntu
почти 5 лет назад

hyper is an open-source HTTP library for Rust (crates.io). In hyper from version 0.12.0 and before versions 0.13.10 and 0.14.3 there is a vulnerability that can enable a request smuggling attack. The HTTP server code had a flaw that incorrectly understands some requests with multiple transfer-encoding headers to have a chunked payload, when it should have been rejected as illegal. This combined with an upstream HTTP proxy that understands the request payload boundary differently can result in "request smuggling" or "desync attacks". To determine if vulnerable, all these things must be true: 1) Using hyper as an HTTP server (the client is not affected), 2) Using HTTP/1.1 (HTTP/2 does not use transfer-encoding), 3) Using a vulnerable HTTP proxy upstream to hyper. If an upstream proxy correctly rejects the illegal transfer-encoding headers, the desync attack cannot succeed. If there is no proxy upstream of hyper, hyper cannot start the desync attack, as the client will repair the heade...

debian логотип

CVE-2021-21299

CVSS3: 4.8
debian
почти 5 лет назад

hyper is an open-source HTTP library for Rust (crates.io). In hyper fr ...

github логотип

GHSA-6hfq-h8hq-87mf

CVSS3: 4.8
github
больше 4 лет назад

HTTP Request Smuggling in hyper

EPSS

Процентиль: 68%
0.00577
Низкий

4.8 Medium

CVSS3

8.1 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-444