EUVD-2022-1184

Malicious code in bioql PyPI...

CVE-2019-10797

Netty in WSO2 transport-http before v6.3.1 is vulnerable to HTTP Response Splitting due to HTTP Header validation being disabled...

be.atbash.test:integration-testing (=2.2.0), be.atbash.test:integration-testing-database (=2.2.0) +511 more potentially affected by CVE-2024-41172 via org.apache.cxf:cxf-rt-transports-http (>=4.0.0 <=4.0.4)

org.apache.cxf:cxf-rt-transports-http MAVEN version =4.0.0, =1.0.0, =12.1-16, =0.0.1, =2.70.0, =2.71.1 - com.codbex.kronos:codbex-kronos-commons =2.70.0 - com.codbex.kronos:codbex-kronos-components-api-parent =2.69.0 - com.codbex.kronos:codbex-kronos-components-engine-xsjob =2.69.0 -...

cv.igrp:igrp-core (>=1.7.3.230801 <=1.7.3.230802), eu.unicore.security:secutils-cxf (=3.4.3) +293 more potentially affected by CVE-2024-41172 via org.apache.cxf:cxf-rt-transports-http (>=3.6.0 <=3.6.3)

org.apache.cxf:cxf-rt-transports-http MAVEN version =3.6.0, =1.7.3.230801, =3.0-M3, =3.0-M3, =3.0-M3, =4.4.6.hyte-24270, =4.4.6.hyte-24270, =4.4.6.hyte-24270, =3.21.0, =3.22.4 and more Source cves: CVE-2024-41172 Source advisory: OSV:GHSA-4MGG-FQFQ-64HG...

br.com.swconsultoria:java-cte (>=3.00.4 <=4.00.14), br.com.swconsultoria:java-mdfe (>=3.00.3 <=3.00.4) +180 more potentially affected by CVE-2012-5785 via org.apache.axis2:axis2-transport-http (>=1.5 <=1.7.9)

org.apache.axis2:axis2-transport-http MAVEN version =1.5, =3.00.4, =3.00.3, =4.00.10, =0.5.9, =0.3, =0.1.10, =0.0.3, =1.0.1.RELEASE, =9.00.2110.07.220316, =1.0.0, =1.0.22, =0.0.1, =1.0.0 and more Source cves: CVE-2012-5785 Source advisory: OSV:GHSA-WWQ7-PXWC-P4RC...

be.eliwan:eoddata-client (=1.0), br.com.esec.icpm:certillion-client-library (>=1.1.7 <=1.2.0) +279 more potentially affected by CVE-2012-5575 via org.apache.cxf:cxf-rt-transports-http (>=2.7.0 <=2.7.3)

org.apache.cxf:cxf-rt-transports-http MAVEN version =2.7.0, =1.1.7, =1.1.9, =1.2.5, =1.0.3, =1.0.3, =2.0.3, =1.0.0, =0.4.0, =0.4.1, =1.3.1, =1.2.3, =1.2.3, =2.3, =2.12 and more Source cves: CVE-2012-5575 Source advisory: OSV:GHSA-7V5V-9V8R-W864...

com.alibaba:dubbo (>=2.3.0 <=2.5.3), com.apitrary:apitrary-api-client (=0.1) +163 more potentially affected by CVE-2012-5575 via org.apache.cxf:cxf-rt-transports-http (>=2.6.0 <=2.6.6)

org.apache.cxf:cxf-rt-transports-http MAVEN version =2.6.0, =2.3.0, =0.0.2, =1.0.0, =1.0.0, =1.0.3, =1.0.M1, =1.0.M1, =1.0.M2, =1.0.0, =1.2.0 and more Source cves: CVE-2012-5575 Source advisory: OSV:GHSA-7V5V-9V8R-W864...

HTTP Response Splitting in WSO2 transport-http

Netty in WSO2 transport-http before v6.3.1 is vulnerable to HTTP Response Splitting due to HTTP Header validation being disabled...

GHSA-RVPC-W57P-Q95F HTTP Response Splitting in WSO2 transport-http

Netty in WSO2 transport-http before v6.3.1 is vulnerable to HTTP Response Splitting due to HTTP Header validation being disabled...

Design/Logic Flaw

Netty in WSO2 transport-http before v6.3.1 is vulnerable to HTTP Response Splitting due to HTTP Header validation being disabled...

HTTP Response Splitting

Overview org.wso2.transport.http:org.wso2.transport.http.netty is a HTTP protocol handling implementations for C5 based products. Affected versions of this package are vulnerable to HTTP Response Splitting due to HTTP Header validation being disabled. Remediation Upgrade...