crates.io package
async-h1
pkg:cargo/async-h1
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-36202 | — | < 2.3.0 | 2.3.0 | Jan 22, 2021 | An issue was discovered in the async-h1 crate before 2.3.0 for Rust. Request smuggling can occur when used behind a reverse proxy. | ||
| CVE-2020-26281 | — | < 2.3.0 | 2.3.0 | Dec 21, 2020 | async-h1 is an asynchronous HTTP/1.1 parser for Rust (crates.io). There is a request smuggling vulnerability in async-h1 before version 2.3.0. This vulnerability affects any webserver that uses async-h1 behind a reverse proxy, including all such Tide applications. If the server d |
- CVE-2020-36202Jan 22, 2021affected < 2.3.0fixed 2.3.0
An issue was discovered in the async-h1 crate before 2.3.0 for Rust. Request smuggling can occur when used behind a reverse proxy.
- CVE-2020-26281Dec 21, 2020affected < 2.3.0fixed 2.3.0
async-h1 is an asynchronous HTTP/1.1 parser for Rust (crates.io). There is a request smuggling vulnerability in async-h1 before version 2.3.0. This vulnerability affects any webserver that uses async-h1 behind a reverse proxy, including all such Tide applications. If the server d