27 matches found
EUVD-2025-5808
Malicious code in bioql PyPI...
EUVD-2023-29981
Malicious code in bioql PyPI...
CVE-2023-26147
All versions of the package ithewei/libhv are vulnerable to HTTP Response Splitting when untrusted user input is used to build headers values. An attacker can add the \r\n carriage return line feeds characters to end the HTTP response headers and inject malicious content, like for example...
CVE-2023-26146
All versions of the package ithewei/libhv are vulnerable to Cross-site Scripting XSS such that when a file with a name containing a malicious payload is served by the application, the filename is displayed without proper sanitization when it is rendered...
CVE-2023-26148
All versions of the package ithewei/libhv are vulnerable to CRLF Injection when untrusted user input is used to set request headers. An attacker can add the \r\n carriage return line feeds characters and inject additional headers in the request sent...
CVE-2025-1867
Inconsistent Interpretation of HTTP Requests 'HTTP Request/Response Smuggling' vulnerability in ithewei libhv allows HTTP Response Smuggling.This issue affects libhv: through 1.3.3...
CVE-2025-1867
Inconsistent Interpretation of HTTP Requests 'HTTP Request/Response Smuggling' vulnerability in ithewei libhv allows HTTP Response Smuggling.This issue affects libhv: through 1.3.3...
CVE-2025-1867
Inconsistent Interpretation of HTTP Requests 'HTTP Request/Response Smuggling' vulnerability in ithewei libhv allows HTTP Response Smuggling.This issue affects libhv: through 1.3.3...
CVE-2025-1867 HTTP Response Smuggling Vulnerability in libhv
Inconsistent Interpretation of HTTP Requests 'HTTP Request/Response Smuggling' vulnerability in ithewei libhv allows HTTP Response Smuggling.This issue affects libhv: through 1.3.3...
CVE-2025-1867
CVE-2025-1867 concerns the libhv library (up to version 1.3.3) from ithewei, where an issue in the inconsistent interpretation of HTTP requests leads to HTTP Response Smuggling . The mechanism is primarily a root-cause of malformed request/response handling within libhv that can impact all three ...
CVE-2025-1867 HTTP Response Smuggling Vulnerability in libhv
Inconsistent Interpretation of HTTP Requests 'HTTP Request/Response Smuggling' vulnerability in ithewei libhv allows HTTP Response Smuggling.This issue affects libhv: through 1.3.3...
libhv 环境问题漏洞
libhv is an open source network library by ithewei that is easier to use than libevent/libuv/asio. An environment issue vulnerability exists in libhv 1.3.3 and earlier versions, which stems from inconsistent HTTP request interpretation and may result in HTTP response entrapment...
CVE-2023-26148
All versions of the package ithewei/libhv are vulnerable to CRLF Injection when untrusted user input is used to set request headers. An attacker can add the \r\n carriage return line feeds characters and inject additional headers in the request sent...
CVE-2023-26146
All versions of the package ithewei/libhv are vulnerable to Cross-site Scripting XSS such that when a file with a name containing a malicious payload is served by the application, the filename is displayed without proper sanitization when it is rendered...
CVE-2023-26147
All versions of the package ithewei/libhv are vulnerable to HTTP Response Splitting when untrusted user input is used to build headers values. An attacker can add the \r\n carriage return line feeds characters to end the HTTP response headers and inject malicious content, like for example...
CVE-2023-26146
All versions of the package ithewei/libhv are vulnerable to Cross-site Scripting XSS such that when a file with a name containing a malicious payload is served by the application, the filename is displayed without proper sanitization when it is rendered...
CVE-2023-26148
All versions of the package ithewei/libhv are vulnerable to CRLF Injection when untrusted user input is used to set request headers. An attacker can add the \r\n carriage return line feeds characters and inject additional headers in the request sent...
CVE-2023-26147
All versions of the package ithewei/libhv are vulnerable to HTTP Response Splitting when untrusted user input is used to build headers values. An attacker can add the \r\n carriage return line feeds characters to end the HTTP response headers and inject malicious content, like for example...
CVE-2023-26147
CVE-2023-26147 affects the ithewei/libhv package (all versions) and describes a vulnerability to HTTP Response Splitting when untrusted input is used to construct header values. An attacker can inject CRLF characters to terminate headers, enabling addition of new headers or a modified response bo...
CVE-2023-26147
All versions of the package ithewei/libhv are vulnerable to HTTP Response Splitting when untrusted user input is used to build headers values. An attacker can add the \r\n carriage return line feeds characters to end the HTTP response headers and inject malicious content, like for example...