Filtered by vendor Actix Subscriptions
Total 8 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2021-38512 2 Actix, Fedoraproject 2 Actix-http, Fedora 2024-11-21 7.5 High
An issue was discovered in the actix-http crate before 3.0.0-beta.9 for Rust. HTTP/1 request smuggling (aka HRS) can occur, potentially leading to credential disclosure.
CVE-2020-35902 1 Actix 1 Actix-codec 2024-11-21 9.8 Critical
An issue was discovered in the actix-codec crate before 0.3.0-beta.1 for Rust. There is a use-after-free in Framed.
CVE-2020-35901 1 Actix 1 Actix-http 2024-11-21 7.5 High
An issue was discovered in the actix-http crate before 2.0.0-alpha.1 for Rust. There is a use-after-free in BodyStream.
CVE-2020-35899 1 Actix 1 Actix-service 2024-11-21 5.5 Medium
An issue was discovered in the actix-service crate before 1.0.6 for Rust. The Cell implementation allows obtaining more than one mutable reference to the same data.
CVE-2020-35898 1 Actix 1 Actix-utils 2024-11-21 9.1 Critical
An issue was discovered in the actix-utils crate before 2.0.0 for Rust. The Cell implementation allows obtaining more than one mutable reference to the same data.
CVE-2018-25026 1 Actix 1 Actix-web 2024-11-21 9.8 Critical
An issue was discovered in the actix-web crate before 0.7.15 for Rust. It can add the Send marker trait to an object that cannot be sent between threads safely, leading to memory corruption.
CVE-2018-25025 1 Actix 1 Actix-web 2024-11-21 9.8 Critical
An issue was discovered in the actix-web crate before 0.7.15 for Rust. It can unsoundly extend the lifetime of a string, leading to memory corruption.
CVE-2018-25024 1 Actix 1 Actix-web 2024-11-21 9.8 Critical
An issue was discovered in the actix-web crate before 0.7.15 for Rust. It can unsoundly coerce an immutable reference into a mutable reference, leading to memory corruption.