Vulnerabilities (CVE)

Filtered by vendor Actix Subscribe
Filtered by product Actix-http
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-38512 2 Actix, Fedoraproject 2 Actix-http, Fedora 2024-11-21 5.0 MEDIUM 7.5 HIGH
An issue was discovered in the actix-http crate before 3.0.0-beta.9 for Rust. HTTP/1 request smuggling (aka HRS) can occur, potentially leading to credential disclosure.
CVE-2020-35901 1 Actix 1 Actix-http 2024-11-21 5.0 MEDIUM 7.5 HIGH
An issue was discovered in the actix-http crate before 2.0.0-alpha.1 for Rust. There is a use-after-free in BodyStream.