Lucene search
GoogleOSV:PYSEC-2019-113HistoryJan 25, 2019 - 4:29 a.m.
PYSEC-2019-113
2019-01-2504:29:00
Google
osv.dev
5
0.001 Low
EPSS
Percentile
45.1%
CRLF Injection in pypiserver 1.2.5 and below allows attackers to set arbitrary HTTP headers and possibly conduct XSS attacks via a %0d%0a in a URI.
| CPE | Name | Operator | Version |
|---|---|---|---|
| pypiserver | eq | 1.1.8b1 | |
| pypiserver | eq | 1.2.2.dev0 | |
| pypiserver | eq | 0.1.3 | |
| pypiserver | eq | 1.1.7 | |
| pypiserver | eq | 1.1.9.dev2 | |
| pypiserver | eq | 1.2.1 | |
| pypiserver | eq | 1.2.3 | |
| pypiserver | eq | 0.1.1 | |
| pypiserver | eq | 0.1.2 | |
| pypiserver | eq | 0.1.0 |
Related
osv
osv
CRLF Injection in pypiserver
2019-01-30 20:56:26
CVE-2019-6802
2019-01-25 04:29:00
github
github
CRLF Injection in pypiserver
2019-01-30 20:56:26
cvelist
cvelist
CVE-2019-6802
2019-01-25 04:00:00
nvd
nvd
CVE-2019-6802
2019-01-25 04:29:00
cve
cve
CVE-2019-6802
2019-01-25 04:29:00
veracode
veracode
CRLF Injection
2019-01-28 02:45:24
prion
prion
Crlf injection
2019-01-25 04:29:00
nuclei
nuclei
Pypiserver <1.2.5 - Carriage Return Line Feed Injection
2022-12-05 23:32:40