Skip to main content

Hyper

7 CVEs product

Monthly

CVE-2024-23741 CRITICAL Act Now

An issue in Hyper on macOS version 3.4.1 and before, allows remote attackers to execute arbitrary code via the RunAsNode and enableNodeClilnspectArguments settings. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Code Injection RCE Apple Hyper
NVD GitHub
CVSS 3.1
9.8
EPSS
1.6%
CVE-2023-26964 Cargo HIGH POC PATCH This Week

An issue was discovered in hyper v0.13.7. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service H2 Hyper
NVD GitHub
CVSS 3.1
7.5
EPSS
1.1%
CVE-2021-32715 Cargo MEDIUM POC PATCH This Month

hyper is an HTTP library for rust. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Request Smuggling Information Disclosure Hyper
NVD GitHub
CVSS 3.1
5.3
EPSS
0.9%
CVE-2021-32714 Cargo CRITICAL POC PATCH Act Now

hyper is an HTTP library for Rust. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Integer Overflow Hyper
NVD GitHub
CVSS 3.1
9.1
EPSS
1.1%
CVE-2021-21299 Cargo HIGH PATCH This Week

hyper is an open-source HTTP library for Rust (crates.io). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. This HTTP Request/Response Smuggling vulnerability could allow attackers to manipulate HTTP request interpretation between frontend and backend servers.

Request Smuggling Information Disclosure Hyper
NVD GitHub
CVSS 3.1
8.1
EPSS
4.8%
CVE-2020-35863 Cargo CRITICAL PATCH Act Now

An issue was discovered in the hyper crate before 0.12.34 for Rust. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This HTTP Request/Response Smuggling vulnerability could allow attackers to manipulate HTTP request interpretation between frontend and backend servers.

RCE Request Smuggling Hyper
NVD
CVSS 3.1
9.8
EPSS
2.8%
CVE-2016-6581 PyPI HIGH PATCH This Week

A HTTP/2 implementation built using any version of the Python HPACK library between v1.0.0 and v2.2.0 could be targeted for a denial of service attack, specifically a so-called "HPACK Bomb" attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Python Hpack Hyper
NVD
CVSS 3.0
7.5
EPSS
0.4%
EPSS 2% CVSS 9.8
CRITICAL Act Now

An issue in Hyper on macOS version 3.4.1 and before, allows remote attackers to execute arbitrary code via the RunAsNode and enableNodeClilnspectArguments settings. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Code Injection RCE Apple +1
NVD GitHub
EPSS 1% CVSS 7.5
HIGH POC PATCH This Week

An issue was discovered in hyper v0.13.7. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service H2 Hyper
NVD GitHub
EPSS 1% CVSS 5.3
MEDIUM POC PATCH This Month

hyper is an HTTP library for rust. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Request Smuggling Information Disclosure Hyper
NVD GitHub
EPSS 1% CVSS 9.1
CRITICAL POC PATCH Act Now

hyper is an HTTP library for Rust. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Integer Overflow Hyper
NVD GitHub
EPSS 5% CVSS 8.1
HIGH PATCH This Week

hyper is an open-source HTTP library for Rust (crates.io). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. This HTTP Request/Response Smuggling vulnerability could allow attackers to manipulate HTTP request interpretation between frontend and backend servers.

Request Smuggling Information Disclosure Hyper
NVD GitHub
EPSS 3% CVSS 9.8
CRITICAL PATCH Act Now

An issue was discovered in the hyper crate before 0.12.34 for Rust. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This HTTP Request/Response Smuggling vulnerability could allow attackers to manipulate HTTP request interpretation between frontend and backend servers.

RCE Request Smuggling Hyper
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

A HTTP/2 implementation built using any version of the Python HPACK library between v1.0.0 and v2.2.0 could be targeted for a denial of service attack, specifically a so-called "HPACK Bomb" attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Python Hpack +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy