CNNVD-202506-3176 Information

CNNVD ID

CNNVD-202506-3176

Related CVE

CVE-2025-52479

• CNNVD Published: 2025-06-25

Description (Chinese)

Julia URIs.jl是Julia开源的一个Julia的库。 Julia URIs.jl 1.6.0之前版本和HTTP.jl 1.10.17之前版本存在注入漏洞，该漏洞源于允许构造包含CRLF字符的URI，可能导致CRLF注入攻击。

Description (English)

Julia Ulis.jl is a library of Julia, an open source of Julia. Prior to Julia Ulis.jl 1.6.0 and before HTTP.jl 1.10.17, there was an injection loophole, which originated from the permission to construct a URL containing CRLF characters, which could result in an CRF injection attack.

Hazard Level

High

Vulnerability Type

注入

Affected Vendor

Julia

Published

2025-06-25

Last Modified

2026-02-24

References

https://github.com/JuliaWeb/URIs.jl/pull/66 https://github.com/JuliaWeb/HTTP.jl/security/advisories/GHSA-4g68-4pxg-mw93 https://nvd.nist.gov/vuln/detail/CVE-2025-52479

Patch

https://github.com/JuliaWeb