Lucene search
Ubuntu.comUB:CVE-2012-2374HistoryMay 23, 2012 - 12:00 a.m.
CVE-2012-2374
2012-05-2300:00:00
ubuntu.com
ubuntu.com
8
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
0.004 Low
EPSS
Percentile
72.8%
CRLF injection vulnerability in the tornado.web.RequestHandler.set_header
function in Tornado before 2.2.1 allows remote attackers to inject
arbitrary HTTP headers and conduct HTTP response splitting attacks via
crafted input.
Bugs
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 12.04 | noarch | python-tornado | < 2.1.0-2ubuntu0.1 | UNKNOWN |
Related
github
github
Tornado CRLF injection vulnerability
2022-05-17 05:23:55
debiancve
debiancve
CVE-2012-2374
2012-05-23 20:55:01
openvas
openvas
Fedora Update for python-tornado FEDORA-2012-8217
2012-06-01 00:00:00
Fedora Update for python-tornado FEDORA-2012-8205
2012-06-01 00:00:00
Fedora Update for python-tornado FEDORA-2012-8194
2012-08-30 00:00:00
fedora
fedora
[SECURITY] Fedora 15 Update: python-tornado-2.2.1-1.fc15
2012-05-29 21:58:39
[SECURITY] Fedora 16 Update: python-tornado-2.2.1-1.fc16
2012-05-29 21:56:05
[SECURITY] Fedora 17 Update: python-tornado-2.2.1-1.fc17
2012-05-29 16:19:52
cvelist
cvelist
CVE-2012-2374
2012-05-23 20:00:00
nessus
nessus
Fedora 17 : python-tornado-2.2.1-1.fc17 (2012-8194)
2012-05-30 00:00:00
Fedora 15 : python-tornado-2.2.1-1.fc15 (2012-8205)
2012-05-30 00:00:00
Fedora 16 : python-tornado-2.2.1-1.fc16 (2012-8217)
2012-05-30 00:00:00
cve
cve
CVE-2012-2374
2012-05-23 20:55:01
osv
osv
PYSEC-2012-5
2012-05-23 20:55:00
prion
prion
Crlf injection
2012-05-23 20:55:00
nvd
nvd
CVE-2012-2374
2012-05-23 20:55:01
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
0.004 Low
EPSS
Percentile
72.8%
Related for UB:CVE-2012-2374