undici: Undici: HTTP header injection and request smuggling vulnerability

A flaw was found in undici, a Node.js HTTP/1.1 client. This vulnerability allows a remote attacker to inject malicious data into HTTP headers or prematurely end HTTP requests by sending specially crafted input to the upgrade option of client.request. This is possible because undici does not...

The vulnerability of the microprogramming software of Siemens Simatic S7-1200 programmable logic controllers allows a malicious individual to inject HTML headers.

The software of the programmable logic controller Simatic S7-1200 contains a vulnerability that allows a malicious individual to inject an HTML header into the device’s web server...