CVE-2020-11709

NameCVE-2020-11709
Descriptioncpp-httplib through 0.5.8 does not filter \r\n in parameters passed into the set_redirect and set_header functions, which creates possibilities for CRLF injection and HTTP response splitting in some specific contexts.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)
NVD severitymedium

Notes

NOT-FOR-US: cpp-httplip
https://github.com/yhirose/cpp-httplib/issues/425

Search for package or bug name: Reporting problems