hyper and h2 vulnerable to denial of service High severity GitHub Reviewed Published 8 hours ago to the GitHub Advisory Database • Updated 2 hours ago [Vulnerability details](https://github.com/advisories/GHSA-f8vr-r385-rh5r) #52573
Replies: 2 comments
-
That alert lets you know about a security issue in an indirect dependency of your code (hyper, which reqwest needs). The usual advice would be to update the dependency ( So unless you want to rewrite your code to use a different HTTP client, I'm afraid the best you can do is to monitor hyperium/hyper#2877 and wait for a fix, and then update as soon as it's available. |
Beta Was this translation helpful? Give feedback.
-
🕒 Discussion Activity Reminder 🕒 This Discussion has been labeled as dormant by an automated system for having no activity in the last 60 days. Please consider one the following actions: 1️⃣ Close as Out of Date: If the topic is no longer relevant, close the Discussion as 2️⃣ Provide More Information: Share additional details or context — or let the community know if you've found a solution on your own. 3️⃣ Mark a Reply as Answer: If your question has been answered by a reply, mark the most helpful reply as the solution. Note: This dormant notification will only apply to Discussions with the Thank you for helping bring this Discussion to a resolution! 💬 |
Beta Was this translation helpful? Give feedback.
-
Select Topic Area
Question
Body
Hello Git Hub Community I need your help . If you feel you can provide "much needed" advice to my
error , I would be most appreciative. the courtesy of your reply is welcome .
problem : I would like to avoid a "high vulnerability alert posted to my git hub account.
Could you please offer to taker a look at this notification , and can you offer advice how I can resolve this obvious
mistake in my attempt to build my sustainable Git Hub Community.?
thank you very much!
GitHub Advisory Database GitHub Reviewed CVE-2023-26964
hyper and h2 vulnerable to denial of service
High severity GitHub Reviewed Published 8 hours ago to the GitHub Advisory Database • Updated 2 hours ago
Vulnerability details
Dependabot alerts
1
user:daukantas
daukantas/rustcastai
Cargo.lock • Created 2 hours ago
Give feedback on Dependabot alerts Beta
Footer
Beta Was this translation helpful? Give feedback.
All reactions