Vulnerability	Vulnerable Version
H Improper Input Validation Affected versions of this package are vulnerable to Improper Input Validation such that the `User-Agent` and `Server` header parsers are susceptible to a fatal error on certain inputs. How to fix Improper Input Validation? Upgrade `org.http4s:http4s-core_3` to version 0.22.15, 0.23.17, 1.0.0-M38 or higher.	[0.22.0,0.22.15)[0.23.0,0.23.17)[1.0.0-M1,1.0.0-M38)
H HTTP Response Splitting Affected versions of this package are vulnerable to HTTP Response Splitting when untrusted user input is used to create any of the following fields: Header names (`Header.name`) Header values (`Header.value`) Status reason phrases (`Status.reason`) URI paths (`Uri.Path`) URI authority registered names (`URI.RegName`) How to fix HTTP Response Splitting? Upgrade `org.http4s:http4s-core_3` to version 0.21.29, 0.22.5, 0.23.4, 1.0.0-M27 or higher.	[,0.21.29)[0.22.0,0.22.5)[0.23.0,0.23.4)[1.0.0-M1,1.0.0-M27)

Improper Input Validation

Affected versions of this package are vulnerable to Improper Input Validation such that the User-Agent and Server header parsers are susceptible to a fatal error on certain inputs.

How to fix Improper Input Validation?

Upgrade org.http4s:http4s-core_3 to version 0.22.15, 0.23.17, 1.0.0-M38 or higher.

[0.22.0,0.22.15)[0.23.0,0.23.17)[1.0.0-M1,1.0.0-M38)

HTTP Response Splitting

Affected versions of this package are vulnerable to HTTP Response Splitting when untrusted user input is used to create any of the following fields:

Header names (Header.name)
Header values (Header.value)
Status reason phrases (Status.reason)
URI paths (Uri.Path)
URI authority registered names (URI.RegName)

How to fix HTTP Response Splitting?

Upgrade org.http4s:http4s-core_3 to version 0.21.29, 0.22.5, 0.23.4, 1.0.0-M27 or higher.

[,0.21.29)[0.22.0,0.22.5)[0.23.0,0.23.4)[1.0.0-M1,1.0.0-M27)

Go back to all versions of this package