Lucene search
PRIOn knowledge basePRION:CVE-2023-26130HistoryMay 30, 2023 - 5:15 a.m.
Crlf injection
2023-05-3005:15:00
PRIOn knowledge base
www.prio-n.com
6
crlf injection
http
package vulnerability
untrusted user input
content-type header
logical errors
misbehaviors
cve-2020-11709
Versions of the package yhirose/cpp-httplib before 0.12.4 are vulnerable to CRLF Injection when untrusted user input is used to set the content-type header in the HTTP .Patch, .Post, .Put and .Delete requests. This can lead to logical errors and other misbehaviors.
Note: This issue is present due to an incomplete fix for CVE-2020-11709.
| CPE | Name | Operator | Version |
|---|---|---|---|
| cpp-httplib | lt | 0.12.4 |
References
gist.github.com/dellalibera/094aece17a86069a7d27f93c8aba2280
github.com/yhirose/cpp-httplib/commit/5b397d455d25a391ba346863830c1949627b4d08
github.com/yhirose/cpp-httplib/releases/tag/v0.12.4
lists.fedoraproject.org/archives/list/[email protected]/message/JY2E7EIRWQMKH6GY4OZOWWBZBY3Q7CGS/
security.snyk.io/vuln/SNYK-UNMANAGED-YHIROSECPPHTTPLIB-5591194
Related
gitlab
gitlab
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
2023-05-30 00:00:00
Injection Vulnerability
2020-04-12 00:00:00
osv
osv
CVE-2023-26130
2023-05-30 05:15:10
CVE-2020-11709
2020-04-12 14:15:10
ubuntucve
ubuntucve
CVE-2023-26130
2023-05-30 00:00:00
CVE-2020-11709
2020-04-12 00:00:00
vulnrichment
vulnrichment
CVE-2023-26130
2023-05-30 05:00:02
cve
cve
CVE-2023-26130
2023-05-30 05:15:10
CVE-2020-11709
2020-04-12 14:15:10
redhatcve
redhatcve
CVE-2023-26130
2023-05-30 13:10:18
debiancve
debiancve
CVE-2023-26130
2023-05-30 05:15:10
CVE-2020-11709
2020-04-12 14:15:10
nessus
nessus
Fedora 38 : cpp-httplib (2023-0070b20b20)
2023-06-12 00:00:00
Fedora 38 : et (2024-bd9e67c117)
2024-05-01 00:00:00
Fedora 39 : et (2024-94a155818c)
2024-05-01 00:00:00
cvelist
cvelist
CVE-2023-26130
2023-05-30 05:00:02
CVE-2020-11709
2020-04-12 13:30:29
nvd
nvd
CVE-2023-26130
2023-05-30 05:15:10
CVE-2020-11709
2020-04-12 14:15:10
fedora
fedora
[SECURITY] Fedora 38 Update: cpp-httplib-0.12.5-1.fc38
2023-06-11 02:03:38
[SECURITY] Fedora 38 Update: et-6.2.8-1.fc38
2024-05-02 01:45:00
[SECURITY] Fedora 40 Update: et-6.2.8-1.fc40
2024-05-02 01:58:39
openvas
openvas
Fedora: Security Advisory for cpp-httplib (FEDORA-2023-0070b20b20)
2023-06-12 00:00:00
Fedora: Security Advisory for et (FEDORA-2024-b745c97f4b)
2024-05-27 00:00:00
Fedora: Security Advisory for et (FEDORA-2024-94a155818c)
2024-05-27 00:00:00
prion
prion
Crlf injection
2020-04-12 14:15:00