OMGeeky/advisory-db
1
0
Fork 0
mirror of https://github.com/OMGeeky/advisory-db.git synced 2026-01-24 12:20:34 +01:00
Code Issues Packages Projects Releases Wiki Activity

maybe appease linter?

Browse Source
This commit is contained in:
Jacob Rothstein
2020-12-17 17:54:01 -08:00
parent fbb1d34eeb
commit f8b4364f88
1 changed files with 4 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
crates/async-h1/RUSTSEC-0000-0000.md
View File

@@ -3,9 +3,9 @@
id = "RUSTSEC-0000-0000"
package = "async-h1"
date = "2020-12-17"
url = "https://github.com/http-rs/async-h1"
categories = ["request-smuggling"]
keywords = ["request", "smuggling"]
url = "https://github.com/http-rs/async-h1/releases/tag/v2.3.0"
categories = []
keywords = ["smuggling", "http", "reverse proxy", "request smuggling"]
aliases = ["GHSA-4vr9-8cjf-vf9c"]
#cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"
@@ -16,10 +16,7 @@ unaffected = []
[affected]
#arch = ["x86"]
#os = ["windows"]
functions = {
"async_h1::server::decode" = ["< 2.3.0"],
"async_h1::server::accept" = ["< 2.3.0"]
}
functions = {"async_h1::server::decode" = ["< 2.3.0"], "async_h1::server::accept" = ["< 2.3.0"]}
```
# Async-h1 request smuggling possible with long unread bodies