7 matches found

OSV
added yesterday · 4 views

JLSEC-2026-620 WebSocket reader data race in auto-PONG/CLOSE-echo handling in HTTP.jl

Description The WebSocket reader task processed incoming frames by calling wsonincomingdata! without holding ws.sendlock. That function is not a pure parser: its auto-PONG and CLOSE-echo paths push! onto the shared ws.codec.outgoingframes vector, while application send/ping/pong/close paths mutat...

5.9 AI score
Exploits 0 · References 2
CNNVD
added 2025/10/10 12:0 a.m. · 2 views

Julia HTTP.jl injection vulnerability

HTTP.jl is an open-source HTTP client and server library for Julia. An injection vulnerability exists in Julia HTTP.jl versions prior to 1.10.19, which stems from illegal characters in unvalidated header names and values, and could lead to HTTP response splitting and header injection attacks...

9.2 CVSS · 6.9 AI score · 0.00311 EPSS
Exploits 0 · References 2
Positive Technologies
added 2025/10/10 12:0 a.m. · 2 views

PT-2025-41579

Name of the Vulnerable Software and Affected Versions: HTTP.jl versions prior to 1.10.19. Description: HTTP.jl, an HTTP client and server for the Julia programming language, did not properly validate header names and values, creating a risk of header injection and response splitting. This could lead...

9.2 CVSS · 6.2 AI score · 0.00311 EPSS
Exploits 0 · References 8
Vulnrichment
added 2025/06/25 4:6 p.m. · 2 views

CVE-2025-52479 HTTP.jl vulnerable to CR/LF Injection in URIs

HTTP.jl provides HTTP client and server functionality for Julia, and URIs.jl parses and works with Uniform Resource Identifiers (URIs). URIs.jl prior to version 1.6.0 and HTTP.jl prior to version 1.10.17 allow the construction of URIs containing CR/LF characters. If user input was not otherwise...

8.7 CVSS · 7.4 AI score · 0.00363 EPSS
Exploits 0 · References 3
CVE
added 2025/06/25 4:6 p.m. · 12 views

CVE-2025-52479

The CVE-2025-52479 issue affects URIs.jl (before v1.6.0) and HTTP.jl (before v1.10.17), enabling construction of URIs containing CR/LF characters and potentially enabling CRLF injection. The vulnerability is described in OSV-JLSEC-2025-1 and corroborated by Red Hat and CVE sources: using vulnerab...

8.7 CVSS · 7.4 AI score · 0.00363 EPSS
Exploits 0 · References 3
Cvelist
added 2025/06/25 4:6 p.m. · 11 views

CVE-2025-52479 HTTP.jl vulnerable to CR/LF Injection in URIs

HTTP.jl provides HTTP client and server functionality for Julia, and URIs.jl parses and works with Uniform Resource Identifiers (URIs). URIs.jl prior to version 1.6.0 and HTTP.jl prior to version 1.10.17 allow the construction of URIs containing CR/LF characters. If user input was not otherwise...

8.7 CVSS · 0.00363 EPSS
Exploits 0 · References 3
Positive Technologies
added 2025/06/25 12:0 a.m. · 3 views

PT-2025-26849 · Uris.Jl +1

Name of the Vulnerable Software and Affected Versions: HTTP.jl versions prior to 1.10.17; URIs.jl versions prior to 1.6.0. Description: The issue allows the construction of URIs containing CR/LF characters, which can lead to a CRLF injection attack if user input is not properly escaped or protected...

8.7 CVSS · 6.6 AI score · 0.00363 EPSS
Exploits 0 · References 4