cpp-httplib through 0.5.8 does not filter \r\n in parameters passed into the set_redirect and set_header functions, which creates possibilities for CRLF injection and HTTP response splitting in some specific contexts.
CPE | Name | Operator | Version |
---|---|---|---|
cpp-httplib | eq | 0.4.2 | |
cpp-httplib | eq | 0.5.1 | |
cpp-httplib | eq | 0.3.0 | |
cpp-httplib | eq | 0.3.1 | |
cpp-httplib | eq | 0.4.1 | |
cpp-httplib | eq | 0.5.8 | |
cpp-httplib | eq | 0.2.4 | |
cpp-httplib | eq | 0.5.6 | |
cpp-httplib | eq | 0.5.5 | |
cpp-httplib | eq | 0.2.2 |