Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
typelevel http4s 0.22.0 vulnerabilities and exploits
(subscribe to this query)
9.1
CVSSv3
CVE-2021-39185
Http4s is a minimal, idiomatic Scala interface for HTTP services. In http4s versions 0.21.26 and prior, 0.22.0 up to and including 0.22.2, 0.23.0, 0.23.1, and 1.0.0-M1 up to and including 1.0.0-M24, the default CORS configuration is vulnerable to an origin reflection attack. The ...
Typelevel Http4s
Typelevel Http4s 0.23.0
Typelevel Http4s 0.23.1
Typelevel Http4s 1.0.0
5.8
CVSSv3
CVE-2021-32643
Http4s is a Scala interface for HTTP services. `StaticFile.fromUrl` can leak the presence of a directory on a server when the `URL` scheme is not `file://`, and the URL points to a fetchable resource under its scheme and authority. The function returns `F[None]`, indicating no re...
Typelevel Http4s
Typelevel Http4s 0.22.0
Typelevel Http4s 0.23.0
Typelevel Http4s 1.0.0
7.5
CVSSv3
CVE-2021-21294
Http4s (http4s-blaze-server) is a minimal, idiomatic Scala interface for HTTP services. Http4s prior to 0.21.17, 0.22.0-M2, and 1.0.0-M14 have a vulnerability which can lead to a denial-of-service. Blaze-core, a library underlying http4s-blaze-server, accepts connections unbounde...
Typelevel Http4s
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started