rustsec/advisory-db
1
0
Fork 0
mirror of https://github.com/rustsec/advisory-db.git synced 2025-12-27 01:54:07 -05:00
Code Issues Packages Projects Releases Wiki Activity
2,652 Commits 21 Branches 0 Tags
main
Commit Graph

5 Commits

Author SHA1 Message Date
djc
2e45336771 Synchronize IDs (2025-10-28) 2025-10-28 07:02:18 +01:00
djc
0c700a4438 Assigned RUSTSEC-2025-0070 to pingora-core 2025-09-18 09:10:31 +02:00
Edward Wang
d889c3aee0 Add advisory for pingora-core MadeYouReset http/2 vuln (#2415) 
Adding advisory for pre 0.6.0 pingora-core versions specific to
[MadeYouReset](https://nvd.nist.gov/vuln/detail/CVE-2025-8671)
as a potential denial-of-service attack.
 2025-09-18 09:08:27 +02:00
github-actions[bot]
bccf313a98 Assigned RUSTSEC-2025-0037 to pingora-core (#2323) 
Co-authored-by: Shnatsel <291257+Shnatsel@users.noreply.github.com>
 2025-05-22 19:04:33 +01:00
Noah Kennedy
ed30d211da pingora request smuggling and cache poisoning (#2322) 
* pingora request smuggling and cache poisoning

Pingora has a request smuggling and cache poisoning vulnerability
affecting versions 0.5.0 and older, as documented here:
https://blog.cloudflare.com/resolving-a-request-smuggling-vulnerability-in-pingora/

* cleanup comments

* add cvss

* cve id not published yet, no formal cvss

* change to pingora-core

* cve published

* typo

* typo

* h1

* remove cvss again

* drop unused categories field and comments

---------

Co-authored-by: Sergey "Shnatsel" Davidoff <shnatsel@gmail.com>
 2025-05-22 19:03:43 +01:00