Количество 2
Количество 2
CVE-2019-17513
An issue was discovered in Ratpack before 1.7.5. Due to a misuse of the Netty library class DefaultHttpHeaders, there is no validation that headers lack HTTP control characters. Thus, if untrusted data is used to construct HTTP headers with Ratpack, HTTP Response Splitting can occur.
GHSA-mvqp-q37c-wf9j
io.ratpack:ratpack-core vulnerable to Improper Neutralization of Special Elements in Output ('Injection')
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2019-17513 An issue was discovered in Ratpack before 1.7.5. Due to a misuse of the Netty library class DefaultHttpHeaders, there is no validation that headers lack HTTP control characters. Thus, if untrusted data is used to construct HTTP headers with Ratpack, HTTP Response Splitting can occur. | CVSS3: 7.5 | 1% Низкий | больше 6 лет назад |
| GHSA-mvqp-q37c-wf9j io.ratpack:ratpack-core vulnerable to Improper Neutralization of Special Elements in Output ('Injection') | CVSS3: 7.5 | 1% Низкий | больше 6 лет назад |
Уязвимостей на страницу