9 matches found
CVE-2020-11709
cpp-httplib through 0.5.8 does not filter \r\n in parameters passed into the setredirect and setheader functions, which creates possibilities for CRLF injection and HTTP response splitting in some specific contexts...
Fedora 38 : cpp-httplib (2023-0070b20b20)
The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-0070b20b20 advisory. Update to https://github.com/yhirose/cpp-httplib/releases/tag/v0.12.5 Tenable has extracted the preceding description block directly from the Fedora security...
SUSE CVE-2020-11709
cpp-httplib through 0.5.8 does not filter \r\n in parameters passed into the setredirect and setheader functions, which creates possibilities for CRLF injection and HTTP response splitting in some specific contexts...
UBUNTU-CVE-2023-26130
Versions of the package yhirose/cpp-httplib before 0.12.4 are vulnerable to CRLF Injection when untrusted user input is used to set the content-type header in the HTTP .Patch, .Post, .Put and .Delete requests. This can lead to logical errors and other misbehaviors. Note: This issue is present due...
Crlf injection
Versions of the package yhirose/cpp-httplib before 0.12.4 are vulnerable to CRLF Injection when untrusted user input is used to set the content-type header in the HTTP .Patch, .Post, .Put and .Delete requests. This can lead to logical errors and other misbehaviors. Note: This issue is present due...
CVE-2023-26130
The CVE-2023-26130 issue affects yhirose/cpp-httplib
CVE-2020-11709
cpp-httplib through 0.5.8 does not filter \r\n in parameters passed into the setredirect and setheader functions, which creates possibilities for CRLF injection and HTTP response splitting in some specific contexts...
CVE-2020-11709
cpp-httplib through 0.5.8 does not filter \r\n in parameters passed into the setredirect and setheader functions, which creates possibilities for CRLF injection and HTTP response splitting in some specific contexts...
CVE-2020-11709
cpp-httplib through 0.5.8 does not filter \r\n in parameters passed into the setredirect and setheader functions, which creates possibilities for CRLF injection and HTTP response splitting in some specific contexts...