Every CVE whose affected-product data names Ithewei Libhv, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2023-26146 — CVSS 6.1 (medium): All versions of the package ithewei/libhv are vulnerable to Cross-site Scripting (XSS) such that when a file with a name containing a…
CVE-2023-26148 — CVSS 5.4 (medium): All versions of the package ithewei/libhv are vulnerable to CRLF Injection when untrusted user input is used to set request headers. An…
CVE-2023-26147 — CVSS 5.3 (medium): All versions of the package ithewei/libhv are vulnerable to HTTP Response Splitting when untrusted user input is used to build headers…