9 matches found
EUVD-2024-3184
Malicious code in bioql PyPI...
CVE-2024-51501
Refit is an automatic type-safe REST library for .NET Core, Xamarin and .NET The various header-related Refit attributes Header, HeaderCollection and Authorize are vulnerable to CRLF injection. The way HTTP headers are added to a request is via the HttpHeaders.TryAddWithoutValidation method. This...
Carriage Return Line Feed(CRLF) Injection
Refit is vulnerable to Carriage Return Line FeedCRLF Injection. The vulnerability is due to lack of validation for CRLF characters in HTTP header values in the Refit library. Specifically, the HttpHeaders.TryAddWithoutValidation method used by Refit does not sanitize or check for CRLF sequences,...
CVE-2024-51501
Refit is an automatic type-safe REST library for .NET Core, Xamarin and .NET The various header-related Refit attributes Header, HeaderCollection and Authorize are vulnerable to CRLF injection. The way HTTP headers are added to a request is via the HttpHeaders.TryAddWithoutValidation method. This...
CVE-2024-51501 CRLF injection in Refit's [Header], [HeaderCollection] and [Authorize] attributes
Refit is an automatic type-safe REST library for .NET Core, Xamarin and .NET The various header-related Refit attributes Header, HeaderCollection and Authorize are vulnerable to CRLF injection. The way HTTP headers are added to a request is via the HttpHeaders.TryAddWithoutValidation method. This...
CVE-2024-51501
Refit (a .NET REST client) is vulnerable to CRLF injection via its header-related attributes (Header, HeaderCollection, Authorize). The underlying issue is lack of validation in HttpHeaders.TryAddWithoutValidation, which allows CRLF characters in header values, enabling header injection, request ...
CVE-2024-51501 CRLF injection in Refit's [Header], [HeaderCollection] and [Authorize] attributes
Refit is an automatic type-safe REST library for .NET Core, Xamarin and .NET The various header-related Refit attributes Header, HeaderCollection and Authorize are vulnerable to CRLF injection. The way HTTP headers are added to a request is via the HttpHeaders.TryAddWithoutValidation method. This...
PT-2024-34666 · .Net · Refit
Name of the Vulnerable Software and Affected Versions: Refit versions prior to 7.2.22 Refit versions prior to 8.0.0 Description: The Refit library for .NET Core, Xamarin, and .NET has a CRLF injection vulnerability in its header-related attributes. This vulnerability occurs because the...
Refit 注入漏洞
Refit is a library in the ReactiveUI open source. Refit suffers from an injection vulnerability that stems from failing to check for CRLF characters in the header value, making it vulnerable to server-side request forgery attacks...