CVE-2021-32714
MEDIUM5.9EPSS 0.40%Integer overflow in `hyper`'s parsing of the `Transfer-Encoding` header leads to data loss
Published: 7/12/2021Modified: 11/8/2023
Description
When decoding chunk sizes that are too large, `hyper`'s code would encounter an integer overflow. Depending on the situation, this could lead to data loss from an incorrect total size, or in rarer cases, a request smuggling attack. To be vulnerable, you must be using `hyper` for any HTTP/1 purpose, including as a client or server, and consumers must send requests or responses that specify a chunk size greater than 18 exabytes. For a possible request smuggling attack to be possible, any upstream proxies must accept a chunk size greater than 64 bits.
Affected packages (3)
- crates.io/hyperfrom 0, < 0.14.10
- crates.io/hyper>= 0.0.0-0, < 0.14.10
- Debian/rust-hyperfrom 0, < 0.14.19-1
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | MEDIUM5.9 | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H |
References (6)
- ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2021-32714
- ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2021-32714
- PATCHhttps://crates.io/crates/hyper
- PATCHhttps://github.com/hyperium/hyper
- WEBhttps://github.com/hyperium/hyper/security/advisories/GHSA-5h46-h7hh-c6x9
- WEBhttps://rustsec.org/advisories/RUSTSEC-2021-0079.html