From d7233ee826ec860ffcb366ccb3636275a1037b36 Mon Sep 17 00:00:00 2001 From: snoopysecurity Date: Fri, 21 Aug 2020 10:44:58 +0100 Subject: [PATCH 1/2] Add tiny-http Request Smuggling --- crates/tiny_http/RUSTSEC-2020-0000.toml | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) create mode 100644 crates/tiny_http/RUSTSEC-2020-0000.toml diff --git a/crates/tiny_http/RUSTSEC-2020-0000.toml b/crates/tiny_http/RUSTSEC-2020-0000.toml new file mode 100644 index 0000000..0500d15 --- /dev/null +++ b/crates/tiny_http/RUSTSEC-2020-0000.toml @@ -0,0 +1,20 @@ +[advisory] +id = "RUSTSEC-2020-0000" +package = "tiny_http" +date = "2020-06-16" +title = "HTTP Request smuggling through malformed Transfer Encoding headers" +url = "https://github.com/tiny-http/tiny-http/issues/173" +categories = ["format-injection"] +keywords = ["http", "request-smuggling"] +description = """ +HTTP pipelining issues and request smuggling attacks are possible due to incorrect +Transfer encoding header parsing. + +It is possible conduct HTTP request smuggling attacks (CL:TE/TE:TE) by sending invalid Transfer Encoding headers. + +By manipulating the HTTP response the attacker could poison a web-cache, perform an XSS attack, or obtain sensitive information +from requests other than their own. +""" + +[versions] +patched = [] \ No newline at end of file From 1400f8592065506973f047f81ea2a38b6098dbac Mon Sep 17 00:00:00 2001 From: "Sergey \"Shnatsel\" Davidoff" Date: Fri, 21 Aug 2020 19:09:16 +0200 Subject: [PATCH 2/2] drop categories --- crates/tiny_http/RUSTSEC-2020-0000.toml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/crates/tiny_http/RUSTSEC-2020-0000.toml b/crates/tiny_http/RUSTSEC-2020-0000.toml index 0500d15..3b73a61 100644 --- a/crates/tiny_http/RUSTSEC-2020-0000.toml +++ b/crates/tiny_http/RUSTSEC-2020-0000.toml @@ -4,7 +4,6 @@ package = "tiny_http" date = "2020-06-16" title = "HTTP Request smuggling through malformed Transfer Encoding headers" url = "https://github.com/tiny-http/tiny-http/issues/173" -categories = ["format-injection"] keywords = ["http", "request-smuggling"] description = """ HTTP pipelining issues and request smuggling attacks are possible due to incorrect @@ -17,4 +16,4 @@ from requests other than their own. """ [versions] -patched = [] \ No newline at end of file +patched = []