EPSS
Percentile
64.7%
The From implementation for Vec was not properly implemented, returning a vector backed by freed memory. This could lead to memory corruption or be exploited to cause undefined behavior.
A fix was published in version 0.1.3.
github.com/sagebind/chttp
github.com/sagebind/isahc/commit/9e9f1fb44114078c000c78c72e691eeb9e7ac260
github.com/sagebind/isahc/issues/2
nvd.nist.gov/vuln/detail/CVE-2019-16140
rustsec.org/advisories/RUSTSEC-2019-0016.html