Описание
CRLF injection vulnerability in the header function in (1) CGI.pm before 3.50 and (2) Simple.pm in CGI::Simple 1.112 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via vectors related to non-whitespace characters preceded by newline characters, a different vulnerability than CVE-2010-2761 and CVE-2010-3172.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | not-affected | 3.50-1 |
| hardy | DNE | |
| karmic | ignored | end of life |
| lucid | ignored | end of life |
| maverick | ignored | end of life |
| natty | not-affected | 3.50-1 |
| oneiric | not-affected | 3.50-1 |
| precise | not-affected | 3.50-1 |
| quantal | not-affected | 3.50-1 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | ignored | end of life |
| devel | not-affected | 1.111-2 |
| hardy | ignored | end of life |
| karmic | ignored | end of life |
| lucid | ignored | end of life |
| maverick | ignored | end of life |
| natty | not-affected | 1.111-2 |
| oneiric | not-affected | 1.111-2 |
| precise | not-affected | 1.111-2 |
| quantal | not-affected | 1.111-2 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 5.8.7-10ubuntu1.3 |
| devel | not-affected | 5.10.1-17ubuntu1 |
| hardy | released | 5.8.8-12ubuntu0.5 |
| karmic | ignored | end of life |
| lucid | released | 5.10.1-8ubuntu2.1 |
| maverick | released | 5.10.1-12ubuntu2.1 |
| natty | not-affected | 5.10.1-17ubuntu1 |
| oneiric | not-affected | 5.10.1-17ubuntu1 |
| precise | not-affected | 5.10.1-17ubuntu1 |
| quantal | not-affected | 5.10.1-17ubuntu1 |
Показывать по
EPSS
4.3 Medium
CVSS2
Связанные уязвимости
CRLF injection vulnerability in the header function in (1) CGI.pm before 3.50 and (2) Simple.pm in CGI::Simple 1.112 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via vectors related to non-whitespace characters preceded by newline characters, a different vulnerability than CVE-2010-2761 and CVE-2010-3172.
CRLF injection vulnerability in the header function in (1) CGI.pm before 3.50 and (2) Simple.pm in CGI::Simple 1.112 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via vectors related to non-whitespace characters preceded by newline characters, a different vulnerability than CVE-2010-2761 and CVE-2010-3172.
CRLF injection vulnerability in the header function in (1) CGI.pm befo ...
CRLF injection vulnerability in the header function in (1) CGI.pm before 3.50 and (2) Simple.pm in CGI::Simple 1.112 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via vectors related to non-whitespace characters preceded by newline characters, a different vulnerability than CVE-2010-2761 and CVE-2010-3172.
EPSS
4.3 Medium
CVSS2