search

alexliesenfeld / httpmock

HTTP mocking library for Rust
https://httpmock.rs
MIT License
471 stars 42 forks source link

Vulnerability GHSA-q6cp-qfwq-4gcv in httpmock's dependency - h2 #105

Closed orcame closed 1 month ago

orcame commented 5 months ago

Summary

The dependency h2(0.3.24) has vulnerability issue, check details from https://github.com/advisories/GHSA-q6cp-qfwq-4gcv

Details

The dependency h2(0.3.24) has vulnerability issue, check details from https://github.com/advisories/GHSA-q6cp-qfwq-4gcv Fixed in 0.4.4

The 'hyper' has new version. Need to update.

Dependency Tree

├─┬ httpmock 0.7.0 - Cargo │ └─┬ hyper 0.14.28 - Cargo │ └── h2 0.3.24 - Cargo

alexliesenfeld commented 5 months ago

Thanks! This will be addressed with then next release.

alexliesenfeld commented 1 month ago

Should be fixed starting with v0.8.0-alpha.1