EUVD-2022-43253

Malicious code in bioql PyPI...

CVE-2022-3918

A program using FoundationNetworking in swift-corelibs-foundation is potentially vulnerable to CRLF injection in URLRequest headers. In this vulnerability, a client can insert one or several CRLF sequences into a URLRequest header value. When that request is sent via URLSession to an HTTP server,...

CVE-2022-1642

A program using swift-corelibs-foundation is vulnerable to a denial of service attack caused by a potentially malicious source producing a JSON document containing a type mismatch. This vulnerability is caused by the interaction between a deserialization mechanism offered by the Swift standard...

Swift-corelibs-foundation denial of service in JSON decoding with JSONDecoder

Impact A program using swift-corelibs-foundation is vulnerable to a denial of service attack caused by a potentially malicious source producing a JSON document containing a type mismatch. This vulnerability is caused by the interaction between a deserialization mechanism offered by the Swift...

GHSA-239C-6CV2-WWX8 Swift-corelibs-foundation denial of service in JSON decoding with JSONDecoder

Impact A program using swift-corelibs-foundation is vulnerable to a denial of service attack caused by a potentially malicious source producing a JSON document containing a type mismatch. This vulnerability is caused by the interaction between a deserialization mechanism offered by the Swift...

CVE-2022-3918

A program using FoundationNetworking in swift-corelibs-foundation is potentially vulnerable to CRLF injection in URLRequest headers. In this vulnerability, a client can insert one or several CRLF sequences into a URLRequest header value. When that request is sent via URLSession to an HTTP server,...

CVE-2022-3918

A program using FoundationNetworking in swift-corelibs-foundation is potentially vulnerable to CRLF injection in URLRequest headers. In this vulnerability, a client can insert one or several CRLF sequences into a URLRequest header value. When that request is sent via URLSession to an HTTP server,...

Crlf injection

A program using FoundationNetworking in swift-corelibs-foundation is potentially vulnerable to CRLF injection in URLRequest headers. In this vulnerability, a client can insert one or several CRLF sequences into a URLRequest header value. When that request is sent via URLSession to an HTTP server,...

CVE-2022-3918

A program using FoundationNetworking in swift-corelibs-foundation is potentially vulnerable to CRLF injection in URLRequest headers. In this vulnerability, a client can insert one or several CRLF sequences into a URLRequest header value. When that request is sent via URLSession to an HTTP server,...

PT-2023-13704 · Apple · Swift-Corelibs-Foundation

Name of the Vulnerable Software and Affected Versions: swift-corelibs-foundation affected versions not specified Description: A program using FoundationNetworking in swift-corelibs-foundation is potentially vulnerable to CRLF injection in URLRequest headers. This allows a client to insert one or...

swift-corelibs-foundation 注入漏洞

Apple Swift is a programming language for macOS, iOS, watchOS, and tvOS from Apple USA. A security vulnerability exists in swift-corelibs-foundation versions prior to 5.7.3, which stems from the fact that programs using FoundationNetworking may be vulnerable to a CRLF injection attack in the...

CVE-2022-3918

CVE-2022-3918 involves Swift’s FoundationNetworking (swift-corelibs-foundation). A CRLF injection flaw in URLRequest headers allows a client to insert CRLF sequences into a header value, which may cause the server to parse extra headers or a second request when sent via URLSession. The vulnerabil...

CVE-2022-1642

A program using swift-corelibs-foundation is vulnerable to a denial of service attack caused by a potentially malicious source producing a JSON document containing a type mismatch. This vulnerability is caused by the interaction between a deserialization mechanism offered by the Swift standard...

CVE-2022-1642

A program using swift-corelibs-foundation is vulnerable to a denial of service attack caused by a potentially malicious source producing a JSON document containing a type mismatch. This vulnerability is caused by the interaction between a deserialization mechanism offered by the Swift standard...

Design/Logic Flaw

A program using swift-corelibs-foundation is vulnerable to a denial of service attack caused by a potentially malicious source producing a JSON document containing a type mismatch. This vulnerability is caused by the interaction between a deserialization mechanism offered by the Swift standard...

CVE-2022-1642

The CVE describes a denial-of-service vulnerability in Swift corelibs-foundation’s JSON decoding: when decoding JSON with a numeric value that includes a fractional part, JSONDecoder could crash due to a type-mismatch between validation and casting. Affected component: swift-corelibs-foundation (...

Apple Swift 代码问题漏洞

Apple Swift is a programming language for macOS, iOS, watchOS, and tvOS from Apple USA. A security vulnerability exists in Swift swift-corelibs-foundation version 5.6.1 and prior versions, which originates from a potentially malicious source that generates JSON documents containing type mismatche...