You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
An issue was discovered in the http crate before 0.1.20 for Rust. An integer overflow in HeaderMap::reserve() could result in denial of service (e.g., an infinite loop).
mend-for-github-combot
changed the title
CVE-2020-25574 (Medium) detected in http-0.1.16.crate
CVE-2020-25574 (High) detected in http-0.1.16.crate
Nov 23, 2020
CVE-2020-25574 - High Severity Vulnerability
Vulnerable Library - http-0.1.16.crate
A set of types for representing HTTP requests and responses.
Library home page: https://crates.io/api/v1/crates/http/0.1.16/download
Dependency Hierarchy:
Vulnerability Details
An issue was discovered in the http crate before 0.1.20 for Rust. An integer overflow in HeaderMap::reserve() could result in denial of service (e.g., an infinite loop).
Publish Date: 2020-09-14
URL: CVE-2020-25574
CVSS 3 Score Details (7.5)
Base Score Metrics:
Suggested Fix
Type: Upgrade version
Origin: hyperium/http#352
Release Date: 2020-09-14
Fix Resolution: http - 0.1.20
The text was updated successfully, but these errors were encountered: