GHSA-27wf-5967-98gx:  Kubernetes kubelet arbitrary command execution

GHSA-mr95-vfcf-fx9p: Apache Answer: Predictable Authorization Token Using UUIDv1

GHSA-pqhp-25j4-6hq9: smol-toml has a Denial of Service via malicious TOML document using deeply nested inline tables

GHSA-v5h2-q2w4-gpcx: Sentry improper error handling leaks Application Integration Client Secret

GHSA-8w49-h785-mj3c: Tornado has an HTTP cookie parsing DoS vulnerability

Affected versions of this crate called `mem::uninitialized()` in the HTTP1 parser to create values of type `httparse::Header` (from the `httparse` crate).
This is unsound, since `Header` contains references and thus must be non-null.
 
The flaw was corrected by avoiding the use of `mem::uninitialized()`, using `MaybeUninit` instead.


Affected versions of this crate called mem::uninitialized() in the HTTP1 parser to create values of type httparse::Header (from the httparse crate).  
This is unsound, since Header contains references and thus must be non-null.

The flaw was corrected by avoiding the use of mem::uninitialized(), using MaybeUninit instead.

**References**

*   hyperium/hyper#2545
*   https://rustsec.org/advisories/RUSTSEC-2022-0022.html

Headline

GHSA-f67m-9j94-qv9j: Parser creates invalid uninitialized value

ghsa: Latest News