CVE-2021-41084: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

September 21, 2021 (updated October 25, 2022)

http4s is an open source scala interface for HTTP. Header values (Header.value), Status reason phrases (Status.reason), URI paths (Uri.Path), URI authority registered names (URI.RegName).

References

nvd.nist.gov/vuln/detail/CVE-2021-41084

Code Behaviors & Features

Detect and mitigate CVE-2021-41084 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →