"-Synchronized-Data."

CVE Team 2022-07-19 21:00:47 +00:00
parent 2fa99122bd
commit 59eb824841
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
2 changed files with 6 additions and 1 deletions


@ -35,7 +35,7 @@
"description_data": [
{
"lang": "eng",
"value": "undici is an HTTP/1.1 client, written from scratch for Node.js. It is possible to inject CRLF sequences into request headers in undici in versions less than 5.7.1. A fix was released in version 5.8.0. Sanitizing all HTTP headers from untrusted sources to eliminate `\\r\\n` is a workaround for this issue.\n"
"value": "undici is an HTTP/1.1 client, written from scratch for Node.js. It is possible to inject CRLF sequences into request headers in undici in versions less than 5.7.1. A fix was released in version 5.8.0. Sanitizing all HTTP headers from untrusted sources to eliminate `\\r\\n` is a workaround for this issue."
}
]
},


@ -76,6 +76,11 @@
"refsource": "MISC",
"url": "https://lists.apache.org/thread/12pxy4phsry6c34x2ol4fft6xlho4kyw",
"name": "https://lists.apache.org/thread/12pxy4phsry6c34x2ol4fft6xlho4kyw"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20220719 CVE-2022-34169: Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets",
"url": "http://www.openwall.com/lists/oss-security/2022/07/19/5"
}
]
},
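Review bot: The MLIST reference added in this hunk uses a plain-HTTP `url`, so a person or tool following the advisory link fetches it without transport integrity. The value would be better as `"url": "https://www.openwall.com/lists/oss-security/2022/07/19/5"`. The new entry also orders its keys `refsource`, `name`, `url`, while the MISC entry just above it uses `refsource`, `url`, `name`. Key order carries no meaning in JSON, but one consistent order keeps these automated syncs easier to diff. The enclosing references array starts outside the hunk.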