An issue exists in the actix-http crate prior to 3.0.0-beta.9 for Rust. HTTP/1 request smuggling (aka HRS) can occur, potentially leading to credential disclosure.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
actix actix-http 3.0.0 |
||
actix actix-http |
||
fedoraproject fedora 34 |