2 matches found
CVE-2022-3215
CVE-2022-3215 affects NIOHTTP1 and projects using it (e.g., SwiftNIO) where user input reflected into HTTP response headers can enable a HTTP Response Injection via CRLF sequences. The root cause is improper handling of input in HTTP headers, allowing newlines to be injected into responses, poten...
CVE-2022-3215
NIOHTTP1 and projects using it for generating HTTP responses can be subject to a HTTP Response Injection attack. This occurs when a HTTP/1.1 server accepts user generated input from an incoming request and reflects it into a HTTP/1.1 response header in some form. A malicious user can add newlines...