CVE-2019-25009

Severity CVSS v4.0:
Pending analysis
Type:
CWE-415 Double Free
Publication date:
31/12/2020
Last modified:
17/06/2026

Description

An issue was discovered in the http crate before 0.1.20 for Rust. The HeaderMap::Drain API can use a raw pointer, defeating soundness.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:hyper:http:*:*:*:*:*:rust:*:* 0.1.20 (excluding)