Total
66 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-35948 | 1 Nodejs | 1 Undici | 2024-11-21 | N/A | 5.3 MEDIUM |
| undici is an HTTP/1.1 client, written from scratch for Node.js.`=< undici@5.8.0` users are vulnerable to _CRLF Injection_ on headers when using unsanitized input as request headers, more specifically, inside the `content-type` header. Example: ``` import { request } from 'undici' const unsanitizedContentTypeInput = 'application/json\r\n\r\nGET /foo2 HTTP/1.1' await request('http://localhost:3000, { method: 'GET', headers: { 'content-type': unsanitizedContentTypeInput }, }) ``` The above snippet will perform two requests in a single `request` API call: 1) `http://localhost:3000/` 2) `http://localhost:3000/foo2` This issue was patched in Undici v5.8.1. Sanitize input when sending content-type headers using user input as a workaround. | |||||
| CVE-2022-31150 | 1 Nodejs | 1 Undici | 2024-11-21 | N/A | 5.3 MEDIUM |
| undici is an HTTP/1.1 client, written from scratch for Node.js. It is possible to inject CRLF sequences into request headers in undici in versions less than 5.7.1. A fix was released in version 5.8.0. Sanitizing all HTTP headers from untrusted sources to eliminate `\r\n` is a workaround for this issue. | |||||
| CVE-2022-0666 | 1 Microweber | 1 Microweber | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| CRLF Injection leads to Stack Trace Exposure due to lack of filtering at https://demo.microweber.org/ in Packagist microweber/microweber prior to 1.2.11. | |||||
| CVE-2021-4097 | 1 Phpservermonitor | 1 Php Server Monitor | 2024-11-21 | 5.8 MEDIUM | 5.4 MEDIUM |
| phpservermon is vulnerable to Improper Neutralization of CRLF Sequences | |||||
| CVE-2021-39172 | 1 Catchethq | 1 Catchet | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| Cachet is an open source status page system. Prior to version 2.5.1, authenticated users, regardless of their privileges (User or Admin), can exploit a new line injection in the configuration edition feature (e.g. mail settings) and gain arbitrary code execution on the server. This issue was addressed in version 2.5.1 by improving `UpdateConfigCommandHandler` and preventing the use of new lines characters in new configuration values. As a workaround, only allow trusted source IP addresses to access to the administration dashboard. | |||||
| CVE-2020-11078 | 3 Debian, Fedoraproject, Httplib2 Project | 3 Debian Linux, Fedora, Httplib2 | 2024-11-21 | 4.3 MEDIUM | 6.8 MEDIUM |
| In httplib2 before version 0.18.0, an attacker controlling unescaped part of uri for `httplib2.Http.request()` could change request headers and body, send additional hidden requests to same server. This vulnerability impacts software that uses httplib2 with uri constructed by string concatenation, as opposed to proper urllib building with escaping. This has been fixed in 0.18.0. | |||||
| CVE-2019-9947 | 1 Python | 1 Python | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through 3.7.3. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \r\n (specifically in the path component of a URL that lacks a ? character) followed by an HTTP header or a Redis command. This is similar to the CVE-2019-9740 query string issue. This is fixed in: v2.7.17, v2.7.17rc1, v2.7.18, v2.7.18rc1; v3.5.10, v3.5.10rc1, v3.5.8, v3.5.8rc1, v3.5.8rc2, v3.5.9; v3.6.10, v3.6.10rc1, v3.6.11, v3.6.11rc1, v3.6.12, v3.6.9, v3.6.9rc1; v3.7.4, v3.7.4rc1, v3.7.4rc2, v3.7.5, v3.7.5rc1, v3.7.6, v3.7.6rc1, v3.7.7, v3.7.7rc1, v3.7.8, v3.7.8rc1, v3.7.9. | |||||
| CVE-2019-9741 | 4 Debian, Fedoraproject, Golang and 1 more | 5 Debian Linux, Fedora, Go and 2 more | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| An issue was discovered in net/http in Go 1.11.5. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the second argument to http.NewRequest with \r\n followed by an HTTP header or a Redis command. | |||||
| CVE-2019-9740 | 1 Python | 1 Python | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through 3.7.3. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \r\n (specifically in the query string after a ? character) followed by an HTTP header or a Redis command. This is fixed in: v2.7.17, v2.7.17rc1, v2.7.18, v2.7.18rc1; v3.5.10, v3.5.10rc1, v3.5.8, v3.5.8rc1, v3.5.8rc2, v3.5.9; v3.6.10, v3.6.10rc1, v3.6.11, v3.6.11rc1, v3.6.12, v3.6.9, v3.6.9rc1; v3.7.4, v3.7.4rc1, v3.7.4rc2, v3.7.5, v3.7.5rc1, v3.7.6, v3.7.6rc1, v3.7.7, v3.7.7rc1, v3.7.8, v3.7.8rc1, v3.7.9. | |||||
| CVE-2019-7313 | 1 Buildbot | 1 Buildbot | 2024-11-21 | 5.8 MEDIUM | 6.1 MEDIUM |
| www/resource.py in Buildbot before 1.8.1 allows CRLF injection in the Location header of /auth/login and /auth/logout via the redirect parameter. This affects other web sites in the same domain. | |||||
| CVE-2019-11236 | 1 Python | 1 Urllib3 | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request parameter. | |||||
| CVE-2019-10678 | 1 Domoticz | 1 Domoticz | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Domoticz before 4.10579 neglects to categorize \n and \r as insecure argument options. | |||||
| CVE-2019-10272 | 1 Weaver | 1 E-cology | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| An issue was discovered in Weaver e-cology 9.0. There is a CRLF Injection vulnerability via the /workflow/request/ViewRequestForwardSPA.jsp isintervenor parameter, as demonstrated by the %0aSet-cookie: substring. | |||||
| CVE-2018-6148 | 1 Google | 1 Chrome | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| Incorrect implementation in Content Security Policy in Google Chrome prior to 67.0.3396.79 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. | |||||
| CVE-2018-19585 | 1 Gitlab | 1 Gitlab | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| GitLab CE/EE versions 8.18 up to 11.x before 11.3.11, 11.4.x before 11.4.8, and 11.5.x before 11.5.1 have CRLF Injection in Project Mirroring when using the Git protocol. | |||||
| CVE-2018-12477 | 1 Opensuse | 1 Leap | 2024-11-21 | 6.4 MEDIUM | 3.5 LOW |
| A Improper Neutralization of CRLF Sequences vulnerability in Open Build Service allows remote attackers to cause deletion of directories by tricking obs-service-refresh_patches to delete them. Affected releases are openSUSE Open Build Service: versions prior to d6244245dda5367767efc989446fe4b5e4609cce. | |||||
| CVE-2018-1000164 | 2 Debian, Gunicorn | 2 Debian Linux, Gunicorn | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| gunicorn version 19.4.5 contains a CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers vulnerability in "process_headers" function in "gunicorn/http/wsgi.py" that can result in an attacker causing the server to return arbitrary HTTP headers. This vulnerability appears to have been fixed in 19.5.0. | |||||
| CVE-2017-7528 | 1 Redhat | 2 Ansible Tower, Cloudforms Management Engine | 2024-11-21 | 3.3 LOW | 5.2 MEDIUM |
| Ansible Tower as shipped with Red Hat CloudForms Management Engine 5 is vulnerable to CRLF Injection. It was found that X-Forwarded-For header allows internal servers to deploy other systems (using callback). | |||||
| CVE-2017-18587 | 1 Hyper | 1 Hyper | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| An issue was discovered in the hyper crate before 0.9.18 for Rust. It mishandles newlines in headers. | |||||
| CVE-2017-15400 | 1 Google | 1 Chrome Os | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| Insufficient restriction of IPP filters in CUPS in Google Chrome OS prior to 62.0.3202.74 allowed a remote attacker to execute a command with the same privileges as the cups daemon via a crafted PPD file, aka a printer zeroconfig CRLF issue. | |||||