Back to search
CVE-2020-11709
Published: Apr 12, 2020
Modified: Aug 4, 2024
PUBLISHED
Description
cpp-httplib through 0.5.8 does not filter \r\n in parameters passed into the set_redirect and set_header functions, which creates possibilities for CRLF injection and HTTP response splitting in some specific contexts.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://github.com/yhirose/cpp-httplib/issues/425
x_refsource_MISC
https://gist.github.com/shouc/a9330df817128bc4c4132abf3de09495
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now