H2O CRLF Injection Vulnerability
H2O is a set of open source Web server software . The 'onreq' function in the lib/handler/redirect.c file of H2O suffers from a CRLF injection vulnerability that allows remote attackers to inject arbitrary HTTP headers using specially crafted URIs to perform HTTP response splitting attacks...