Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 3:41 p.m.10 views

CVE-2020-6858

Hotels Styx through 1.0.0.beta8 allows HTTP response splitting due to CRLF Injection. This is exploitable if untrusted user input can appear in a response header...

6.5CVSS6.7AI score0.01162EPSS
Exploits1References1
CVE
CVE
added 2020/03/12 1:38 p.m.72 views

CVE-2020-6858

CVE-2020-6858 affects Hotels Styx up to 1.0.0.beta8. The issue is HTTP Response Splitting (CRLF injection) caused by disabling Netty’s HTTP header validation in Styx code paths: HttpHeaders.Builder configured with new DefaultHttpHeaders(false) and StyxToNettyResponseTranslator creating DefaultHtt...

6.5CVSS6.5AI score0.01162EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2020/03/12 1:38 p.m.34 views

CVE-2020-6858

Hotels Styx through 1.0.0.beta8 allows HTTP response splitting due to CRLF Injection. This is exploitable if untrusted user input can appear in a response header...

6.6AI score0.01162EPSS
Exploits1References2
vulnersOsv
vulnersOsv
added 2020/03/03 3:32 p.m.5 views

com.hotels.styx:styx-api-testsupport (>=0.0.1.beta6 <=v0.0.5), com.hotels.styx:styx-backend-provider (>=0.0.1.beta6 <=v0.0.5) +11 more potentially affected by CVE-2020-6858 via com.hotels.styx:styx-api (>=styx-1.0.0.beta2 <=0.7.9)

com.hotels.styx:styx-api MAVEN version =styx-1.0.0.beta2, =0.0.1.beta6, =0.0.1.beta6, =0.0.1.beta6, =0.0.1.beta6, =0.0.1.beta6, =0.0.1.beta6, =0.0.1.beta6, =0.0.1.beta6, =0.0.1.beta6, =0.0.1.beta6, =0.0.1.beta6, =0.0.1.beta6, =v0.0.5 Source cves: CVE-2020-6858 Source advisory:...

6.5CVSS6.5AI score0.01162EPSS
Exploits1
Circl
Circl
added 2020/02/10 11:28 a.m.6 views

CVE-2020-6858

creationtimestamp| type| source ---|---|--- 2020-02-10 11:28:30+00:00| published-proof-of-concept| https://github.com/ExpediaGroup/styx/security/advisories/GHSA-6v7p-v754-j89v...

6.5CVSS6.6AI score0.01162EPSS
Exploits1References1
Rows per page
Query Builder