Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
HTTP.jl vulnerable to Header injection/Response splitting via header construction.
Vulnerability Description
HTTP.jl is an HTTP client and server functionality for the Julia programming language. Prior to version 1.10.19, HTTP.jl did not validate header names/values for illegal characters, allowing CRLF-based header injection and response splitting. This enables HTTP response splitting and header injection, leading to cache poisoning, XSS, session fixation, and more. This issue is fixed in HTTP.jl `v1.10.19`.
CVSS Information
N/A
Vulnerability Type
HTTP头部中CRLF序列转义处理不恰当(HTTP响应分割)
Vulnerability Title
Julia HTTP.jl 注入漏洞
Vulnerability Description
Julia HTTP.jl是Julia开源的一个Julia的HTTP协议。 Julia HTTP.jl 1.10.19之前版本存在注入漏洞,该漏洞源于未验证标头名称和值中的非法字符,可能导致HTTP响应拆分和标头注入攻击。
CVSS Information
N/A
Vulnerability Type
N/A