Lucene search
+L

CVE-2022-3918

🗓️ 20 Jan 2023 00:00:00Reported by SwiftType 
cve
 cve
🔗 web.nvd.nist.gov👁 73 Views🌐 WEB

A program using FoundationNetworking in swift-corelibs-foundation is potentially vulnerable to CRLF injection in URLRequest headers. A client can insert CRLF sequences into a header value, leading to interpretation of extra headers or a second request by the server

Related
Detection
Affected
Refs
Paths
ReporterTitlePublishedViews
Family
Circl
CVE-2022-3918
20 Jan 202322:28
circl
CNNVD
swift-corelibs-foundation 注入漏洞
20 Jan 202300:00
cnnvd
Cvelist
CVE-2022-3918
20 Jan 202300:00
cvelist
EUVD
EUVD-2022-43253
3 Oct 202520:07
euvd
NVD
CVE-2022-3918
20 Jan 202320:15
nvd
OSV
CVE-2022-3918
20 Jan 202300:00
osv
Prion
Crlf injection
20 Jan 202320:15
prion
Positive Technologies
PT-2023-13704 · Apple · Swift-Corelibs-Foundation
20 Jan 202300:00
ptsecurity
RedhatCVE
CVE-2022-3918
23 May 202501:20
redhatcve
Vulnrichment
CVE-2022-3918
20 Jan 202300:00
vulnrichment
Rows per page
NVD
Node
[
  {
    "vendor": "Swift Project",
    "product": "Swift Foundation",
    "versions": [
      {
        "version": "unspecified",
        "lessThanOrEqual": "5.7.2",
        "status": "affected",
        "versionType": "custom"
      }
    ]
  }
]
ParameterPositionPathDescriptionCWE
Fooheader/CRLF injection in URLRequest header enables crafting additional headers or requests (e.g., a second request to /other) when sent via URLSession.CWE-74

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation