CVE-2023-26148 (libhv) | allinfosecnews.com

Sept. 29, 2023, 5:15 a.m. |

National Vulnerability Database web.nvd.nist.gov

All versions of the package ithewei/libhv are vulnerable to CRLF Injection when untrusted user input is used to set request headers. An attacker can add the \r\n (carriage return line feeds) characters and inject additional headers in the request sent.

attacker characters crlf injection cve headers inject injection input package request return untrusted vulnerable

More from web.nvd.nist.gov / National Vulnerability Database

CVE-2023-45955 (lightstrip_firmware) 6 months ago | web.nvd.nist.gov

attackers cve denial of service issue +1

CVE-2023-40101 (android) 6 months ago | web.nvd.nist.gov

android check collapse cve +7

CVE-2023-21377 (android) 6 months ago | web.nvd.nist.gov

android bypass cve disclosure +8

CVE-2023-21380 (android) 6 months ago | web.nvd.nist.gov

android bluetooth buffer buffer overflow +9

CVE-2023-21382 (android) 6 months ago | web.nvd.nist.gov

access android check cve +11

CVE-2023-21381 (android) 6 months ago | web.nvd.nist.gov

android arbitrary code code code execution +10

CVE-2023-21385 (android) 6 months ago | web.nvd.nist.gov

android corruption cve disclosure +7

CVE-2023-21387 (android) 6 months ago | web.nvd.nist.gov

android backup bypass cve +11

CVE-2023-21389 (android) 6 months ago | web.nvd.nist.gov

android bypass check cve +10

Sr Security Engineer - Colombia

@ Nubank | Colombia, Bogota

View on infosec-jobs.com

Security Engineer, Investigations - i3

@ Meta | Menlo Park, CA | Washington, DC | Remote, US

View on infosec-jobs.com

Cyber Security Engineer

@ ASSYSTEM | Bridgwater, United Kingdom

View on infosec-jobs.com

Security Analyst

@ Northwestern Memorial Healthcare | Chicago, IL, United States

View on infosec-jobs.com

GRC Analyst

@ Richemont | Shelton, CT, US

View on infosec-jobs.com

Security Specialist

@ Peraton | Government Site, MD, United States

View on infosec-jobs.com