Every CVE whose affected-product data names Rust-lang Async-h1, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2020-26281 — CVSS 6.8 (medium): async-h1 is an asynchronous HTTP/1.1 parser for Rust (crates.io). There is a request smuggling vulnerability in async-h1 before version…
CVE-2020-36202 — CVSS 6.1 (medium): An issue was discovered in the async-h1 crate before 2.3.0 for Rust. Request smuggling can occur when used behind a reverse proxy.