3 matches found
CVE-2024-51501
creationtimestamp| type| source ---|---|--- 2024-11-05 01:19:12+00:00| published-proof-of-concept| https://t.me/cvedetector/9800...
CVE-2024-51501 CRLF injection in Refit's [Header], [HeaderCollection] and [Authorize] attributes
Refit is an automatic type-safe REST library for .NET Core, Xamarin and .NET The various header-related Refit attributes Header, HeaderCollection and Authorize are vulnerable to CRLF injection. The way HTTP headers are added to a request is via the HttpHeaders.TryAddWithoutValidation method. This...
CVE-2024-51501
Refit (a .NET REST client) is vulnerable to CRLF injection via its header-related attributes (Header, HeaderCollection, Authorize). The underlying issue is lack of validation in HttpHeaders.TryAddWithoutValidation, which allows CRLF characters in header values, enabling header injection, request ...