VYPR

crates.io package

httpsig-hyper

pkg:cargo/httpsig-hyper

Vulnerabilities (1)

  • CVE-2026-26275Feb 19, 2026
    affected < 0.0.23fixed 0.0.23

    httpsig-hyper is a hyper extension for http message signatures. An issue was discovered in `httpsig-hyper` prior to version 0.0.23 where Digest header verification could incorrectly succeed due to misuse of Rust's `matches!` macro. Specifically, the comparison `if matches!(digest