3 matches found
CVE-2018-12537
CVE-2018-12537 affects Eclipse Vert.x core: HTTP header processing in Vert.x HttpServer and HttpClient between Vert.x 3.0 and 3.5.1 does not filter CRLF characters, enabling injection of arbitrary HTTP headers in requests/responses. The issue stems from improper CRLF neutralization. Red Hat’s adv...
Moderate: Red Hat Security Advisory: Red Hat OpenShift Application Runtimes security and bug fix update
An update is now available for Red Hat OpenShift Application Runtimes. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...
HTTP Header Injection
vertx-core is vulnerable to HTTP header injections. The library does not validate HTTP header values, allowing attackers to inject arbitrary headers in requests. This vulnerability is a different vulnerability from CVE-2018-12537, however the fix for CVE-2018-12537 remediates this vulnerability...