21 matches found
EUVD-2021-1455
Malware in sbrugna...
EUVD-2024-2495
Malicious code in bioql PyPI...
Carriage Return Line Feed (CRLF) Injection
RestSharp is vulnerable to Carriage Return Line Feed CRLF Injection. The vulnerability is due to the lack of CRLF character validation in HTTP header values by the HttpHeaders.TryAddWithoutValidation method, which allows an attacker to inject additional HTTP headers or smuggle entire HTTP request...
CVE-2024-45302
RestSharp is a Simple REST and HTTP API Client for .NET. The second argument to RestRequest.AddHeader the header value is vulnerable to CRLF injection. The same applies to RestRequest.AddOrUpdateHeader and RestClient.AddDefaultHeader. The way HTTP headers are added to a request is via the...
CVE-2024-45302 CRLF Injection in RestSharp's `RestRequest.AddHeader` method
RestSharp is a Simple REST and HTTP API Client for .NET. The second argument to RestRequest.AddHeader the header value is vulnerable to CRLF injection. The same applies to RestRequest.AddOrUpdateHeader and RestClient.AddDefaultHeader. The way HTTP headers are added to a request is via the...
CVE-2024-45302
RestSharp on .NET is affected by a CRLF injection vulnerability in the header handling: HttpHeaders.TryAddWithoutValidation does not validate CRLF characters in header values, allowing header injection or HTTP request smuggling. The issue concerns RestSharp’s methods such as RestRequest.AddHeader...
CVE-2024-45302 CRLF Injection in RestSharp's `RestRequest.AddHeader` method
RestSharp is a Simple REST and HTTP API Client for .NET. The second argument to RestRequest.AddHeader the header value is vulnerable to CRLF injection. The same applies to RestRequest.AddOrUpdateHeader and RestClient.AddDefaultHeader. The way HTTP headers are added to a request is via the...
CVE-2024-45302 CRLF Injection in RestSharp's `RestRequest.AddHeader` method
RestSharp is a Simple REST and HTTP API Client for .NET. The second argument to RestRequest.AddHeader the header value is vulnerable to CRLF injection. The same applies to RestRequest.AddOrUpdateHeader and RestClient.AddDefaultHeader. The way HTTP headers are added to a request is via the...
GHSA-4RR6-2V9V-WCPC CRLF Injection in RestSharp's `RestRequest.AddHeader` method
Summary The second argument to RestRequest.AddHeader the header value is vulnerable to CRLF injection. The same applies to RestRequest.AddOrUpdateHeader and RestClient.AddDefaultHeader. Details The way HTTP headers are added to a request is via the HttpHeaders.TryAddWithoutValidation method: This...
CRLF Injection in RestSharp's `RestRequest.AddHeader` method
Summary The second argument to RestRequest.AddHeader the header value is vulnerable to CRLF injection. The same applies to RestRequest.AddOrUpdateHeader and RestClient.AddDefaultHeader. Details The way HTTP headers are added to a request is via the HttpHeaders.TryAddWithoutValidation method: This...
HTTP Response Splitting
Overview RestSharp is a Simple REST and HTTP API Client Affected versions of this package are vulnerable to HTTP Response Splitting via the HttpHeaders.TryAddWithoutValidation method. An attacker can manipulate HTTP headers and potentially perform HTTP request smuggling by inserting CRLF sequence...
PT-2024-31555 · Restsharp · Restsharp
Name of the Vulnerable Software and Affected Versions: RestSharp versions prior to 112.0.0 Description: The second argument to RestRequest.AddHeader the header value is vulnerable to CRLF injection. The same applies to RestRequest.AddOrUpdateHeader and RestClient.AddDefaultHeader. The way HTTP...
RestSharp 安全漏洞
RestSharp is RestSharp open source a .NET HTTP client library. NET HTTP client library with automatic serialization and deserialization, request and response type detection. A security vulnerability exists in versions prior to RestSharp 107 that stems from not validating CRLF characters when...
GHSA-9PQ7-RCXV-47VQ Incorrect Regular Expression in RestSharp
RestSharp 106.11.8-alpha.0.13 uses a regular expression which is vulnerable to Regular Expression Denial of Service ReDoS when converting strings into DateTimes. If a server responds with a malicious string, the client using RestSharp will be stuck processing it for an exceedingly long time. Thus...
Incorrect Regular Expression in RestSharp
RestSharp 106.11.8-alpha.0.13 uses a regular expression which is vulnerable to Regular Expression Denial of Service ReDoS when converting strings into DateTimes. If a server responds with a malicious string, the client using RestSharp will be stuck processing it for an exceedingly long time. Thus...
CVE-2021-27293
RestSharp 106.11.8-alpha.0.13 uses a regular expression which is vulnerable to Regular Expression Denial of Service ReDoS when converting strings into DateTimes. If a server responds with a malicious string, the client using RestSharp will be stuck processing it for an exceedingly long time. Thus...
CVE-2021-27293
RestSharp 106.11.8-alpha.0.13 uses a regular expression which is vulnerable to Regular Expression Denial of Service ReDoS when converting strings into DateTimes. If a server responds with a malicious string, the client using RestSharp will be stuck processing it for an exceedingly long time. Thus...
Design/Logic Flaw
RestSharp 106.11.8-alpha.0.13 uses a regular expression which is vulnerable to Regular Expression Denial of Service ReDoS when converting strings into DateTimes. If a server responds with a malicious string, the client using RestSharp will be stuck processing it for an exceedingly long time. Thus...
CVE-2021-27293
RestSharp (a .NET HTTP client library) is vulnerable to a Regular Expression Denial of Service (ReDoS) in its string-to-DateTime conversion, due to a regex used when parsing server responses, in versions before 106.11.8-alpha.0.13. A malicious server response can cause the client to spend excessi...
CVE-2021-27293
RestSharp 106.11.8-alpha.0.13 uses a regular expression which is vulnerable to Regular Expression Denial of Service ReDoS when converting strings into DateTimes. If a server responds with a malicious string, the client using RestSharp will be stuck processing it for an exceedingly long time. Thus...