Lucene search
Https://gitlab.com/gitlab-org/security-products/gemnasium-dbGITLAB-A3F9EC0264474AF46366F56F1ED7F74EHistoryAug 29, 2011 - 12:00 a.m.
Response Splitting Vulnerability in Ruby on Rails
2011-08-2900:00:00
https://gitlab.com/gitlab-org/security-products/gemnasium-db
gitlab.com
10
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.007 Low
EPSS
Percentile
79.5%
A response splitting flaw can allow a remote attacker to inject arbitrary HTTP headers into a response due to insufficient sanitization of the values provided for response content types.
| CPE | Name | Operator | Version |
|---|---|---|---|
| gem/actionpack | ge | 2.3.0.alpha0 | |
| gem/actionpack | lt | 2.3.13 |
Related
prion
prion
Crlf injection
2011-08-29 18:55:00
ubuntucve
ubuntucve
CVE-2011-3186
2011-08-29 00:00:00
cve
cve
CVE-2011-3186
2011-08-29 18:55:00
osv
osv
actionpack CRLF injection vulnerability
2017-10-24 18:33:38
rails - several
2012-01-23 00:00:00
rails - several
2012-01-23 00:00:00
debiancve
debiancve
CVE-2011-3186
2011-08-29 18:55:00
github
github
actionpack CRLF injection vulnerability
2017-10-24 18:33:38
nessus
nessus
Fedora 14 : rubygem-actionpack-2.3.8-4.fc14 (2011-11567)
2011-09-07 00:00:00
Debian DSA-2301-2 : rails - several vulnerabilities
2011-09-06 00:00:00
openSUSE Security Update : rubygem-actionmailer (openSUSE-SU-2011:1305-1)
2014-06-13 00:00:00
openvas
openvas
FreeBSD Ports: rubygem-rails
2011-09-21 00:00:00
FreeBSD Ports: rubygem-rails
2011-09-21 00:00:00
Fedora Update for rubygem-actionpack FEDORA-2011-11567
2011-09-12 00:00:00
debian
debian
[SECURITY] [DSA 2301-1] rails security update
2011-09-05 20:25:54
[SECURITY] [DSA 2301-2] rails regression
2012-01-23 18:35:53
securityvulns
securityvulns
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
2011-09-09 00:00:00
[SECURITY] [DSA 2301-1] rails security update
2011-09-09 00:00:00
fedora
fedora
[SECURITY] Fedora 14 Update: rubygem-actionpack-2.3.8-4.fc14
2011-09-07 00:15:09
gentoo
gentoo
Ruby on Rails: Multiple vulnerabilities
2014-12-14 00:00:00
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.007 Low
EPSS
Percentile
79.5%
Related for GITLAB-A3F9EC0264474AF46366F56F1ED7F74E