crates.io package
http
pkg:cargo/http
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-25009 | — | < 0.1.20 | 0.1.20 | Dec 31, 2020 | An issue was discovered in the http crate before 0.1.20 for Rust. The HeaderMap::Drain API can use a raw pointer, defeating soundness. | ||
| CVE-2020-25574 | — | < 0.1.20 | 0.1.20 | Sep 14, 2020 | An issue was discovered in the http crate before 0.1.20 for Rust. An integer overflow in HeaderMap::reserve() could result in denial of service (e.g., an infinite loop). |
- CVE-2019-25009Dec 31, 2020affected < 0.1.20fixed 0.1.20
An issue was discovered in the http crate before 0.1.20 for Rust. The HeaderMap::Drain API can use a raw pointer, defeating soundness.
- CVE-2020-25574Sep 14, 2020affected < 0.1.20fixed 0.1.20
An issue was discovered in the http crate before 0.1.20 for Rust. An integer overflow in HeaderMap::reserve() could result in denial of service (e.g., an infinite loop).