2 matches found
CVE-2023-26142
All versions of the package crow are vulnerable to HTTP Response Splitting when untrusted user input is used to build header values. Header values are not properly sanitized against CRLF Injection in the setheader and addheader functions. An attacker can add the \r\n carriage return line feeds...
cpp-httplib injection vulnerability
cpp-httplib is an HTTP/HTTPS server and client library written in C++. A security vulnerability exists in cpp-httplib version 0.5.8 and earlier, which stems from the program's failure to filter string-laden arguments passed to the 'setredirect' and 'setheader' functions. The vulnerability can be...