Junkurihara Httpsig-rs
2 CVEs affecting Junkurihara Httpsig-rs. Latest disclosed: 2026-02-19. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-26275 | High | 7.5 | 2026-02-19 | httpsig-hyper is a hyper extension for http message signatures. An issue was discovered in `httpsig-hyper` prior to version 0.0.23 where Digest header verifica… |
CVE-2025-59058 | Medium | 5.9 | 2025-09-12 | httpsig-rs is a Rust implementation of IETF RFC 9421 http message signatures. Prior to version 0.0.19, the HMAC signature comparison is not timing-safe. This m… |