Lucene search
K

25 matches found

Prion
Prion
added 2016/12/16 9:59 a.m.15 views

Design/Logic Flaw

redirect in bottle.py in bottle 0.12.10 doesn't filter a "\r\n" sequence, which leads to a CRLF attack, as demonstrated by a redirect"233\r\nSet-Cookie: name=salt" call...

4.3CVSS6.8AI score0.01761EPSS
Exploits0References4Affected Software2
OSV
OSV
added 2016/12/16 9:59 a.m.6 views

PYSEC-2016-24

redirect in bottle.py in bottle 0.12.10 doesn't filter a "\r\n" sequence, which leads to a CRLF attack, as demonstrated by a redirect"233\r\nSet-Cookie: name=salt" call...

6.5CVSS5.9AI score0.01761EPSS
Exploits0References5
CVE
CVE
added 2016/12/16 9:2 a.m.115 views

CVE-2016-9964

The CVE corresponds to a CRLF injection in bottle.py (bottle 0.12.10) where redirect() does not filter a "\r\n" sequence, enabling HTTP header injection. Public disclosures across multiple feeds confirm the issue is caused by improper handling of redirections, with clear remediation guidance to u...

6.5CVSS6.1AI score0.01761EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2016/12/16 9:2 a.m.29 views

CVE-2016-9964

redirect in bottle.py in bottle 0.12.10 doesn't filter a "\r\n" sequence, which leads to a CRLF attack, as demonstrated by a redirect"233\r\nSet-Cookie: name=salt" call...

6.2AI score0.01761EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2016/12/16 9:2 a.m.45 views

CVE-2016-9964

redirect in bottle.py in bottle 0.12.10 doesn't filter a "\r\n" sequence, which leads to a CRLF attack, as demonstrated by a redirect"233\r\nSet-Cookie: name=salt" call...

6.5CVSS6.4AI score0.01761EPSS
Exploits0
Rows per page
Query Builder