VYPR
Vendor

Juliaweb

Products
4
CVEs
4
Across products
5
Status
Private

Products

4

Recent CVEs

4
  • CVE-2025-61689HigOct 10, 2025
    risk 0.57cvss epss 0.00

    HTTP.jl is an HTTP client and server functionality for the Julia programming language. Prior to version 1.10.19, HTTP.jl did not validate header names/values for illegal characters, allowing CRLF-based header injection and response splitting. This enables HTTP response splitting…

  • CVE-2025-52479HigJun 25, 2025
    risk 0.43cvss epss 0.00

    HTTP.jl provides HTTP client and server functionality for Julia, and URIs.jl parses and works with Uniform Resource Identifiers (URIs). URIs.jl prior to version 1.6.0 and HTTP.jl prior to version 1.10.17 allows the construction of URIs containing CR/LF characters. If user input…

  • CVE-2025-52569MedJun 25, 2025
    risk 0.36cvss epss 0.00

    GitForge.jl is a unified interface for interacting with Git "forges." Versions prior to 5.9.1 lack input validation of input validation for user-provided values in certain functions. In the `GitHub.repo()` function, the user can provide any string for the `repo_name` field.…

  • CVE-2025-50178MedJun 25, 2025
    risk 0.36cvss epss 0.00

    GitForge.jl is a unified interface for interacting with Git "forges." Versions prior to 0.4.3 lack input validation for user provided values in certain functions. In the `GitForge.get_repo` function for GitHub, the user can provide any string for the owner and repo fields. These…