RUSTSEC-2017-0002

Source
https://rustsec.org/advisories/RUSTSEC-2017-0002
Import Source
https://github.com/rustsec/advisory-db/blob/osv/crates/RUSTSEC-2017-0002.json
JSON Data
https://api.osv.dev/v1/vulns/RUSTSEC-2017-0002
Aliases
Published
2017-01-23T12:00:00Z
Modified
2023-11-08T03:59:16.284067Z
Severity
  • 5.3 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N CVSS Calculator
Summary
headers containing newline characters can split messages
Details

Serializing of headers to the socket did not filter the values for newline bytes (\r or \n), which allowed for header values to split a request or response. People would not likely include newlines in the headers in their own applications, so the way for most people to exploit this is if an application constructs headers based on unsanitized user input.

This issue was fixed by replacing all newline characters with a space during serialization of a header value.

Database specific
{
    "license": "CC0-1.0"
}
References

Affected packages

crates.io / hyper

Package

Affected ranges

Type
SEMVER
Events
Introduced
0.0.0-0
Fixed
0.9.18
Introduced
0.10.0
Fixed
0.10.2

Ecosystem specific

{
    "affected_functions": null,
    "affects": {
        "os": [],
        "functions": [],
        "arch": []
    }
}

Database specific

{
    "cvss": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
    "informational": null,
    "categories": []
}