rustsec/advisory-db
1
0
Fork 0
mirror of https://github.com/rustsec/advisory-db.git synced 2025-12-27 01:54:07 -05:00
Code Issues Packages Projects Releases Wiki Activity

Use backticks for escaped characters

Browse Source
This commit is contained in:
Vinzent Steinberg
2019-10-07 17:05:39 +02:00
parent 5e28b2dfe5
commit 2dda7f38b8
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
crates/hyper/RUSTSEC-2017-0002.toml
View File

@@ -6,7 +6,7 @@ date = "2017-01-23"
url = "https://github.com/hyperium/hyper/wiki/Security-001"
title = "headers containing newline characters can split messages"
description = """
Serializing of headers to the socket did not filter the values for newline bytes (\\r or \\n),
Serializing of headers to the socket did not filter the values for newline bytes (`\\r` or `\\n`),
which allowed for header values to split a request or response. People would not likely include
newlines in the headers in their own applications, so the way for most people to exploit this
is if an application constructs headers based on unsanitized user input.