Vulnerabilities > Hyper > High

DATE CVE VULNERABILITY TITLE RISK
2023-04-11 CVE-2023-26964 Allocation of Resources Without Limits or Throttling vulnerability in Hyper H2 and Hyper
An issue was discovered in hyper v0.13.7.
network
low complexity
hyper CWE-770
7.5
2023-02-21 CVE-2022-31394 Allocation of Resources Without Limits or Throttling vulnerability in Hyper
Hyperium Hyper before 0.14.19 does not allow for customization of the max_header_list_size method in the H2 third-party software, allowing attackers to perform HTTP2 attacks.
network
low complexity
hyper CWE-770
7.5
2021-02-11 CVE-2021-21299 HTTP Request Smuggling vulnerability in Hyper
hyper is an open-source HTTP library for Rust (crates.io).
network
high complexity
hyper CWE-444
8.1
2020-09-14 CVE-2020-25574 Infinite Loop vulnerability in Hyper Http
An issue was discovered in the http crate before 0.1.20 for Rust.
network
low complexity
hyper CWE-835
7.5
2018-04-09 CVE-2018-9862 Inappropriate Encoding for Output Context vulnerability in Hyper Runv 1.0.0
util.c in runV 1.0.0 for Docker mishandles a numeric username, which allows attackers to obtain root access by leveraging the presence of an initial numeric value on an /etc/passwd line, and then issuing a "docker exec" command with that value in the -u argument, a similar issue to CVE-2016-3697.
local
low complexity
hyper CWE-838
7.8