Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2012-5572

Опубликовано: 30 мая 2014
Источник: nvd
CVSS2: 5
EPSS Низкий

Описание

CRLF injection vulnerability in the cookie method (lib/Dancer/Cookie.pm) in Dancer before 1.3114 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a cookie name, a different vulnerability than CVE-2012-5526.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:dancer:dancer:*:*:*:*:*:*:*:*
Версия до 1.3113 (включая)
cpe:2.3:a:dancer:dancer:1.150:*:*:*:*:*:*:*
cpe:2.3:a:dancer:dancer:1.3060:*:*:*:*:*:*:*
cpe:2.3:a:dancer:dancer:1.3071:*:*:*:*:*:*:*
cpe:2.3:a:dancer:dancer:1.3079_3:*:*:*:*:*:*:*
cpe:2.3:a:dancer:dancer:1.3079_5:*:*:*:*:*:*:*
cpe:2.3:a:dancer:dancer:1.3110:*:*:*:*:*:*:*
cpe:2.3:a:dancer:dancer:1.3111:*:*:*:*:*:*:*
cpe:2.3:a:dancer:dancer:1.3111_01:*:*:*:*:*:*:*
cpe:2.3:a:dancer:dancer:1.3112:*:*:*:*:*:*:*

EPSS

Процентиль: 66%
0.00516
Низкий

5 Medium

CVSS2

Дефекты

CWE-20

Связанные уязвимости

ubuntu логотип

CVE-2012-5572

ubuntu
больше 11 лет назад

CRLF injection vulnerability in the cookie method (lib/Dancer/Cookie.pm) in Dancer before 1.3114 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a cookie name, a different vulnerability than CVE-2012-5526.

debian логотип

CVE-2012-5572

debian
больше 11 лет назад

CRLF injection vulnerability in the cookie method (lib/Dancer/Cookie.p ...

github логотип

GHSA-cqwv-qc24-9rvm

github
больше 3 лет назад

CRLF injection vulnerability in the cookie method (lib/Dancer/Cookie.pm) in Dancer before 1.3114 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a cookie name, a different vulnerability than CVE-2012-5526.

EPSS

Процентиль: 66%
0.00516
Низкий

5 Medium

CVSS2

Дефекты

CWE-20