Actix Actix-Http vulnerabilities
2 known vulnerabilities affecting actix/actix-http.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH2
Vulnerabilities
Page 1 of 1
CVE-2021-38512HIGHCVSS 7.5fixed in 3.0.0v3.0.02021-08-10
CVE-2021-38512 [HIGH] CWE-444 CVE-2021-38512: An issue was discovered in the actix-http crate before 3.0.0-beta.9 for Rust. HTTP/1 request smuggli
An issue was discovered in the actix-http crate before 3.0.0-beta.9 for Rust. HTTP/1 request smuggling (aka HRS) can occur, potentially leading to credential disclosure.
ghsanvdosv
CVE-2020-35901HIGHCVSS 7.5≤ 1.0.12020-12-31
CVE-2020-35901 [HIGH] CWE-416 CVE-2020-35901: An issue was discovered in the actix-http crate before 2.0.0-alpha.1 for Rust. There is a use-after-
An issue was discovered in the actix-http crate before 2.0.0-alpha.1 for Rust. There is a use-after-free in BodyStream.
ghsanvdosv