CNNVD-202510-1430 Information

CNNVD ID

CNNVD-202510-1430

Related CVE

CVE-2025-61689

• CNNVD Published: 2025-10-10

Description (Chinese)

Julia HTTP.jl是Julia开源的一个Julia的HTTP协议。 Julia HTTP.jl 1.10.19之前版本存在注入漏洞，该漏洞源于未验证标头名称和值中的非法字符，可能导致HTTP响应拆分和标头注入攻击。

Description (English)

Julia HTTP.jl is the HTTP agreement for Julia, an open source for Julia. There is an injection loophole in the pre-Julia HTTP.jl 1.10.19 version, which results from the failure to verify illegal characters in the name and value of the header, which may result in HTTP responding to the split and header injection attack.

Hazard Level

High

Vulnerability Type

注入

Affected Vendor

Julia

Published

2025-10-10

Last Modified

2026-02-24

References

https://github.com/JuliaWeb/HTTP.jl/releases/tag/v1.10.19 https://github.com/JuliaWeb/HTTP.jl/security/advisories/GHSA-h3x8-ppwj-6vcj

Patch

https://github.com/JuliaWeb/HTTP.jl/releases