Vulnerabilities > Hyper > High

DATE CVE VULNERABILITY TITLE RISK
2023-04-11 CVE-2023-26964 Allocation of Resources Without Limits or Throttling vulnerability in Hyper H2 and Hyper
An issue was discovered in hyper v0.13.7.
network
low complexity
hyper CWE-770
7.5
2023-02-21 CVE-2022-31394 Allocation of Resources Without Limits or Throttling vulnerability in Hyper
Hyperium Hyper before 0.14.19 does not allow for customization of the max_header_list_size method in the H2 third-party software, allowing attackers to perform HTTP2 attacks.
network
low complexity
hyper CWE-770
7.5
2020-12-31 CVE-2020-35863 Code Injection vulnerability in Hyper
An issue was discovered in the hyper crate before 0.12.34 for Rust.
network
low complexity
hyper CWE-94
7.5
2020-12-31 CVE-2019-25009 Double Free vulnerability in Hyper Http
An issue was discovered in the http crate before 0.1.20 for Rust.
network
low complexity
hyper CWE-415
7.5
2018-04-09 CVE-2018-9862 Inappropriate Encoding for Output Context vulnerability in Hyper Runv 1.0.0
util.c in runV 1.0.0 for Docker mishandles a numeric username, which allows attackers to obtain root access by leveraging the presence of an initial numeric value on an /etc/passwd line, and then issuing a "docker exec" command with that value in the -u argument, a similar issue to CVE-2016-3697.
local
low complexity
hyper CWE-838
7.2