Lucene search
K
HttpieHttpie

4 matches found

CVE
CVE
added 2023/11/16 12:0 a.m.304 views

CVE-2023-48052

CVE-2023-48052 affects HTTPie v3.2.2, where missing SSL certificate validation enables a network-based MITM, allowing eavesdropping and compromising confidentiality and integrity. CVSS v3.1 vectors reflect network access, high impact on confidentiality and integrity, and no user interaction requi...

7.4CVSS7.1AI score0.00305EPSS
CVE
CVE
added 2019/08/23 4:38 p.m.237 views

CVE-2019-10751

CVE-2019-10751 affects HTTPie: Open Redirect vulnerability in all versions prior to 1.0.3 that allows an attacker to write an arbitrary file with supplied filename and content to the current directory by redirecting an HTTP request to a crafted URL under attacker control. Remediation: upgrade HTT...

8.8CVSS8.4AI score0.02045EPSS
CVE
CVE
added 2022/03/07 11:10 p.m.173 views

CVE-2022-24737

CVE-2022-24737 affects the HTTPie command-line HTTP client. Before 3.1.0, HTTPie did not distinguish between cookies and the hosts they belonged to, which could lead to exposure of some cookies when redirects occur from the actual host to a third-party site. Public advisories and vendor notes con...

6.5CVSS6.2AI score0.01625EPSS
CVE
CVE
added 2022/03/15 2:20 p.m.154 views

CVE-2022-0430

CVE-2022-0430 affects HTTPie up to version 3.0.x (prior to 3.1.0). The root cause is that before 3.1.0, HTTPie’s session handling did not distinguish between cookies and their hosts, allowing cookies to be exposed during redirects to third-party sites. This led to exposure of sensitive informatio...

5.3CVSS4.5AI score0.01272EPSS