Merge pull request #12 from seanmonstar/patch-1

add advisory for hyper message splitting vulnerability
2025-12-28 23:36:15 +01:00 · 2017-02-28 08:50:49 -08:00
parent 49389c7252 4597f51b45
commit 96b7e7b293
1 changed files with 15 additions and 0 deletions
--- a/crates/hyper/RUSTSEC-0000-0000.toml
+++ b/crates/hyper/RUSTSEC-0000-0000.toml
@@ -0,0 +1,15 @@
+[advisory]
+package = "hyper"
+patched_versions = [">= 0.10.2", "< 0.10.0, >= 0.9.18"]
+dwf = []
+url = "https://github.com/hyperium/hyper/wiki/Security-001"
+title = "headers containing newline characters can split messages"
+description = """
+Serializing of headers to the socket did not filter the values for newline bytes (\r or \n),
+which allowed for header values to split a request or response. People would not likely include
+newlines in the headers in their own applications, so the way for most people to exploit this
+is if an application constructs headers based on unsanitized user input.
+
+This issue was fixed by replacing all newline characters with a space during serialization of
+a header value.
+"""