2 matches found
BlackSheep's ClientSession is vulnerable to CRLF injection
Impact The HTTP Client implementation in BlackSheep is vulnerable to CRLF injection. Missing headers validation makes it possible for an attacker to modify the HTTP requests e.g. insert a new header or even create a new HTTP request. Exploitation requires developers to pass unsanitized user input...
HTTP Response Splitting
Overview SwiftNIOHTTP1 is a cross-platform asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. Affected versions of this package are vulnerable to HTTP Response Splitting. This occurs when a HTTP/1.1 server...