4 matches found
CVE-2023-26137
creationtimestamp| type| source ---|---|--- 2023-07-06 12:37:34+00:00| seen| https://t.me/cibsecurity/66058...
CVE-2023-26137
All versions of the package drogonframework/drogon are vulnerable to HTTP Response Splitting when untrusted user input is used to build header values in the addHeader and addCookie functions. An attacker can add the \r\n carriage return line feeds characters to end the HTTP response headers and...
CVE-2023-26137
All versions of the package drogonframework/drogon are vulnerable to HTTP Response Splitting when untrusted user input is used to build header values in the addHeader and addCookie functions. An attacker can add the \r\n carriage return line feeds characters to end the HTTP response headers and...
CVE-2023-26137
The CVE-2023-26137 entry concerns drogOnframework/drogon (C++) and describes an HTTP Response Splitting vulnerability. Untrusted user input used to build header values in addHeader/addCookie can inject CRLF sequences (\r\n) to terminate HTTP headers and inject malicious content. The threat is des...