27 Juil 2020
Vulnérabilité CVE-2020-7695 CVE Vulnerability
Uvicorn before 0.11.7 is vulnerable to HTTP response splitting. CRLF sequences are not escaped in the value of HTTP headers. Attackers can exploit this to add arbitrary headers to HTTP responses, or even return an arbitrary response body, whenever crafted input is used to construct HTTP headers. (CVSS:5.0) (Last Update:2020-07-29)
Vulnerability Details : Uvicorn before 0.11.7 is vulnerable to HTTP response splitting. CRLF sequences are not escaped in the value of HTTP headers. Attackers can exploit this to add arbitrary headers to HTTP responses, or even return an arbitrary response body, whenever crafted input is used to construct HTTP headers. Publish Date : 2020-07-27 Last Update Date : 2020-07-29 - CVSS Scores & Vulnerability Types
- Products Affected By CVE-2020-7695
- Number Of Affected Versions By Product
- References For CVE-2020-7695
| ||||||||||||||||||||||||||||||||||||||||||||||||||||
- Metasploit Modules Related To CVE-2020-7695There are not any metasploit modules related to this CVE entry (Please visit www.metasploit.com for more information) |