threat
engine
.sh
Back
·
··:··
Home
/
Product
/
hyper
Product
hyper
15 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
Sort
Newest first
Oldest first
Highest CVSS
Lowest CVSS
Min CVSS
Any
4.0+
7.0+ (High)
9.0+ (Critical)
Published since
Reset
CVE-2025-7074
<= 3.4.1
A vulnerability classified as problematic has been found in vercel hyper up to 3.4.1. This affects the function expand/braceExpand
4.3
MEDIUM
CVE-2024-23741
<= 3.4.1
An issue in Hyper on macOS version 3.4.1 and before, allows remote attackers to execute arbitrary code via the RunAsNode and enabl
9.8
CRITICAL
CVE-2023-26964
all versions
An issue was discovered in hyper v0.13.7. h2-0.2.4 Stream stacking occurs when the H2 component processes HTTP2 RST_STREAM frames.
7.5
HIGH
CVE-2022-31394
< 0.14.19
Hyperium Hyper before 0.14.19 does not allow for customization of the max_header_list_size method in the H2 third-party software,
7.5
HIGH
CVE-2021-32715
< 0.14.10
hyper is an HTTP library for rust. hyper's HTTP/1 server code had a flaw that incorrectly parses and accepts requests with a `Cont
3.1
LOW
CVE-2021-32714
< 0.14.10
hyper is an HTTP library for Rust. In versions prior to 0.14.10, hyper's HTTP server and client code had a flaw that could trigger
5.9
MEDIUM
CVE-2021-21299
>= 0.12.0 and < 0.13.10
hyper is an open-source HTTP library for Rust (crates.io). In hyper from version 0.12.0 and before versions 0.13.10 and 0.14.3 the
4.8
MEDIUM
CVE-2020-35863
< 0.12.34
An issue was discovered in the hyper crate before 0.12.34 for Rust. HTTP request smuggling can occur. Remote code execution can oc
9.8
CRITICAL
CVE-2019-25009
< 0.1.20
An issue was discovered in the http crate before 0.1.20 for Rust. The HeaderMap::Drain API can use a raw pointer, defeating soundn
9.8
CRITICAL
CVE-2020-25574
< 0.1.20
An issue was discovered in the http crate before 0.1.20 for Rust. An integer overflow in HeaderMap::reserve() could result in deni
7.5
HIGH
CVE-2017-18587
< 0.9.18
An issue was discovered in the hyper crate before 0.9.18 for Rust. It mishandles newlines in headers.
5.3
MEDIUM
CVE-2016-10932
< 0.9.4
An issue was discovered in the hyper crate before 0.9.4 for Rust on Windows. There is an HTTPS man-in-the-middle vulnerability bec
4.8
MEDIUM
CVE-2018-10205
all versions
hyperstart 1.0.0 in HyperHQ Hyper has memory leaks in the container_setup_modules and hyper_rescan_scsi functions in container.c,
5.3
MEDIUM
CVE-2018-9862
all versions
util.c in runV 1.0.0 for Docker mishandles a numeric username, which allows attackers to obtain root access by leveraging the pres
7.8
HIGH
CVE-2016-6581
all versions
A HTTP/2 implementation built using any version of the Python HPACK library between v1.0.0 and v2.2.0 could be targeted for a deni
7.5
HIGH
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin