RSS   Vulnerabilities for 'Tiny-http'   RSS

2020-12-31
 
CVE-2020-35884

CWE-444
 

 
An issue was discovered in the tiny_http crate through 2020-06-16 for Rust. HTTP Request smuggling can occur via a malformed Transfer-Encoding header.

 
2018-06-06
 
CVE-2017-16097

CWE-22
 

 
tiny-http is a simple http server. tiny-http is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.

 


Copyright 2024, cxsecurity.com

 

Back to Top