OMGeeky/advisory-db
1
0
Fork 0
mirror of https://github.com/OMGeeky/advisory-db.git synced 2026-02-23 15:38:27 +01:00
Code Issues Packages Projects Releases Wiki Activity

Mark patched tiny-http version for 2020-0031 (#875)

Browse Source 
* Mark patched tiny-http version for 2020-0031

A backport of the fix for 2020-0031 has been applied to the 0.6.x
branch, starting at 0.6.3, subsequent 0.6 versions are no longer
vulnerable.

* Fix version specification

Co-authored-by: Sergey "Shnatsel" Davidoff <shnatsel@gmail.com>
This commit is contained in:
Richard Bradfield
2021-04-16 12:27:30 +01:00
committed by GitHub
parent caa2ef87e9
commit 60455ec8b1
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
crates/tiny_http/RUSTSEC-2020-0031.md
View File

@@ -8,7 +8,7 @@ keywords = ["http", "request-smuggling"]
url = "https://github.com/tiny-http/tiny-http/issues/173"
[versions]
patched = [">= 0.8.0"]
patched = [">= 0.8.0", "^0.6.3"]
```
# HTTP Request smuggling through malformed Transfer Encoding headers