An issue was discovered in the hyper crate before 0.12.34 for Rust. HTTP request smuggling can occur. Remote code execution can occur in certain situations with an HTTP server on the loopback interface.
References
Link | Resource |
---|---|
https://rustsec.org/advisories/RUSTSEC-2020-0008.html | Patch Third Party Advisory |
Configurations
History
No history.
Information
Published : 2020-12-31 10:15
Updated : 2024-02-28 18:08
NVD link : CVE-2020-35863
Mitre link : CVE-2020-35863
CVE.ORG link : CVE-2020-35863
JSON object : View
Products Affected
hyper
- hyper
CWE
CWE-444
Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')