CNNVD-202601-2385 Information
CNNVD ID
CNNVD-202601-2385
Related CVE
- CNNVD Published: 2026-01-14
Description (Chinese)
BlackSheep是Neoteroi开源的一个Web应用框架。 BlackSheep 2.4.6之前版本存在注入漏洞,该漏洞源于HTTP客户端实现缺少标头验证,可能导致攻击者修改HTTP请求或创建新请求。
Description (English)
BlackSheep is a Web application framework for the Neoteroi open source. There was an injection loophole in the previous version of BlackSheep 2.4.6, which stemmed from the fact that HTTP clients had achieved a lack of header verification, which could lead the attackers to modify HTTP requests or create new ones.
Hazard Level
High
Vulnerability Type
注入
Affected Vendor
Neoteroi
Published
2026-01-14
Last Modified
2026-02-24
References
https://github.com/Neoteroi/BlackSheep/security/advisories/GHSA-6pw3-h7xf-x4gp https://github.com/Neoteroi/BlackSheep/commit/bd4ecb9542b5d52442276b5a6907931b90f38d12 https://github.com/Neoteroi/BlackSheep/releases/tag/v2.4.6 https://access.redhat.com/security/cve/cve-2026-22779
Patch
https://github.com/Neoteroi/BlackSheep/releases
Share on: