CVE-2024-51502: loona-hpack Panic Vulnerability
(updated )
loona-hpack suffers from the same vulnerability as the original hpack as documented in https://github.com/mlalic/hpack-rs/issues/11
References
- github.com/advisories/GHSA-7vm6-qwh5-9x44
- github.com/advisories/GHSA-w7hm-hmxv-pvhf
- github.com/bearcove/loona
- github.com/bearcove/loona/commit/9a4028ec6484f50a320281271a41a5040ddb1ba8
- github.com/bearcove/loona/security/advisories/GHSA-7vm6-qwh5-9x44
- github.com/mlalic/hpack-rs/issues/11
- nvd.nist.gov/vuln/detail/CVE-2024-51502
Detect and mitigate CVE-2024-51502 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →