An issue was discovered in the hyper crate before 0.12.34 for Rust. HTTP request smuggling can occur. Remote code execution can occur in certain situations with an HTTP server on the loopback interface.
Hyperium Hyper before 0.14.19 does not allow for customization of the max_header_list_size method in the H2 third-party software, allowing attackers to perform HTTP2 attacks.
An issue was discovered in the hyper crate before 0.9.4 for Rust on Windows. There is an HTTPS man-in-the-middle vulnerability because hostname verification was omitted.
An issue was discovered in the hyper crate before 0.9.18 for Rust. It mishandles newlines in headers.
Stay updated with the latest patches and releases. Plan your sofware desisgn. Avoid common known vulnerabilities fixed by the open source community
Latest patch release: 0.3.16
Latest minor release: 0.14.26
Latest major release: 1.0.0-rc.3
Maintain your licence declarations and avoid unwanted licences to protect your IP the way you intended.
MIT - MIT License