PT-2024-8548 · Eclipse +4 · Eclipse Jetty +4

Name of the Vulnerable Software and Affected Versions: Eclipse Jetty affected versions not specified Description: The HttpURI class in Eclipse Jetty does insufficient validation on the authority segment of a URI, which can lead to differences in how it handles invalid URIs compared to common...

CVE-2021-41084

http4s is an open source scala interface for HTTP. In affected versions http4s is vulnerable to response-splitting or request-splitting attacks when untrusted user input is used to create any of the following fields: Header names Header.nameå, Header values Header.value, Status reason phrases...