CNNVD-202507-579 Information
Jul 05, 2025
cve
CNNVD ID
CNNVD-202507-579
Related CVE
- CNNVD Published: 2025-07-05
Description (Chinese)
hyper是hyperium开源的一个 Rust 的快速、正确的 HTTP 实现。 hyper 3.4.1及之前版本存在安全漏洞,该漏洞源于文件hyper/bin/rimraf-standalone.js中函数expand/braceExpand/ignoreMap存在正则表达式复杂性不足。
Description (English)
Hyper is a quick, correct HTTP realization of a Rust open source. There is a security loophole in hyper 3.4.1 and earlier versions, which stems from the lack of formal expression complexity of the function xpand/braceExpand/ignoreMap in document hyper/bin/rimraf-standardone.js.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
hyperium
Published
2025-07-05
Last Modified
2026-02-24
References
https://nvd.nist.gov/vuln/detail/CVE-2025-7074 https://access.redhat.com/security/cve/cve-2025-7074
Patch
https://github.com/vercel/hyper/releases
Share on: