3 matches found
CVE-2023-26147
All versions of the package ithewei/libhv are vulnerable to HTTP Response Splitting when untrusted user input is used to build headers values. An attacker can add the \r\n carriage return line feeds characters to end the HTTP response headers and inject malicious content, like for example...
CVE-2023-26147
All versions of the package ithewei/libhv are vulnerable to HTTP Response Splitting when untrusted user input is used to build headers values. An attacker can add the \r\n carriage return line feeds characters to end the HTTP response headers and inject malicious content, like for example...
CVE-2023-26147
CVE-2023-26147 affects the ithewei/libhv package (all versions) and describes a vulnerability to HTTP Response Splitting when untrusted input is used to construct header values. An attacker can inject CRLF characters to terminate headers, enabling addition of new headers or a modified response bo...