Vulnerabilities > Hyper > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-11 | CVE-2023-26964 | Allocation of Resources Without Limits or Throttling vulnerability in Hyper H2 and Hyper An issue was discovered in hyper v0.13.7. | 7.5 |
| 2023-02-21 | CVE-2022-31394 | Allocation of Resources Without Limits or Throttling vulnerability in Hyper Hyperium Hyper before 0.14.19 does not allow for customization of the max_header_list_size method in the H2 third-party software, allowing attackers to perform HTTP2 attacks. | 7.5 |
| 2021-02-11 | CVE-2021-21299 | HTTP Request Smuggling vulnerability in Hyper hyper is an open-source HTTP library for Rust (crates.io). | 8.1 |
| 2020-09-14 | CVE-2020-25574 | Infinite Loop vulnerability in Hyper Http An issue was discovered in the http crate before 0.1.20 for Rust. | 7.5 |
| 2018-04-09 | CVE-2018-9862 | Inappropriate Encoding for Output Context vulnerability in Hyper Runv 1.0.0 util.c in runV 1.0.0 for Docker mishandles a numeric username, which allows attackers to obtain root access by leveraging the presence of an initial numeric value on an /etc/passwd line, and then issuing a "docker exec" command with that value in the -u argument, a similar issue to CVE-2016-3697. | 7.8 |