Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

CRLF Injection

🗓️ 21 May 2020 03:40:20Reported by Veracode Vulnerability DatabaseType 
veracode
 veracode🔗 sca.analysiscenter.veracode.com👁 20 Views

OpenJDK vulnerable to CRLF injection through HTTP headers in HttpServe

Related
Detection
Refs
ReporterTitlePublishedViews
Family
IBM Security Bulletins		Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - January 2019 through July 2022 affects AIX LPARs in IBM PureData System for Operational Analytics
4 Nov 202220:17
ibm
IBM Security Bulletins		Security Bulletin: IBM Kenexa LCMS Premier On Premise - IBM SDK, Java Technology Edition Quarterly CPU - Apr 2020 - Includes Oracle Apr 2020 CPU
17 Jun 202011:16
ibm
IBM Security Bulletins		Security Bulletin: Multiple vulnerabilities in the IBM HTTP Server and IBM WebSphere Application Server used in IBM WebSphere Application Server in IBM Cloud
16 Jun 202013:32
ibm
IBM Security Bulletins		Security Bulletin: Multiple vulnerabilities in IBM® SDK, Java™ Technology Edition affect IBM Operational Decision Manager (October 2019, January 2020 and April 2020 CPUs)
17 Jun 202013:44
ibm
IBM Security Bulletins		Security Bulletin: Apr 2020 : Multiple vulnerabilities in IBM Java Runtime affect IBM CICS TX on Cloud
14 Feb 202320:51
ibm
IBM Security Bulletins		Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM eDiscovery Analyzer
14 Jul 202016:35
ibm
IBM Security Bulletins		Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect z/TPF
21 Jul 202021:17
ibm
IBM Security Bulletins		Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - Jan 2020, Apr 2020
18 Aug 202109:51
ibm
IBM Security Bulletins		Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Spectrum Conductor and IBM Spectrum Conductor with Spark
29 May 202006:48
ibm
IBM Security Bulletins		Security Bulletin: IBM Cognos Business Intelligence has addressed multiple vulnerabilities (Q12021)
29 Jan 202118:58
ibm
Rows per page
Vulners
Node
openjdk8openjdk8Match8.242.08-r0os
AND
alpinelinuxalpine_linuxMatch3.11
OR
openjdk7openjdk7Match7.221.2.6.18-r0os
AND
alpinelinuxalpine_linuxMatch3.11
OR
openjdk8openjdk8Match8.242.08-r0os
AND
alpinelinuxalpine_linuxMatch3.10
OR
openjdk7openjdk7Match7.221.2.6.18-r0os
AND
alpinelinuxalpine_linuxMatch3.9
OR
openjdk8openjdk8Match8.242.08-r0os
AND
alpinelinuxalpine_linuxMatch3.9
OR
openjdk7openjdk7Match7.221.2.6.18-r2os
AND
alpinelinuxalpine_linuxMatch3.12
OR
openjdk7openjdk7Match7.221.2.6.18-r0os
AND
alpinelinuxalpine_linuxMatch3.10
OR
openjdk8openjdk8Match8.222.10-r0os
AND
alpinelinuxalpine_linuxMatch3.8
OR
openjdk8openjdk8Match8.222.10-r0os
AND
alpinelinuxalpine_linuxMatch3.7
OR
openjdk7openjdk7Match7.221.2.6.18-r2os
AND
openjdk7openjdk7Match7.221.2.6.18-r1os
AND
openjdk7openjdk7Match7.221.2.6.18-r0os
AND
alpinelinuxalpine_linuxMatchedge
OR
openjdk11openjdk11Match11.0.6_p10-r0os
AND
openjdk11openjdk11Match11.0.6_p10-r1os
AND
alpinelinuxalpine_linuxMatchedge
OR
openjdk8openjdk8Match8.242.08-r1os
AND
openjdk8openjdk8Match8.242.08-r0os
AND
openjdk8openjdk8Match8.242.08-r2os
AND
alpinelinuxalpine_linuxMatchedge
OR
java-1.7.1-ibmjava-1.7.1-ibmMatch1.7.1.4.1_1jpp.1.el6_8
OR
java-1.7.1-ibmjava-1.7.1-ibmMatch1.7.1.3.40_1jpp.1.el6_7
OR
java-1.8.0-ibmjava-1.8.0-ibmMatch1.8.0.4.1_1jpp.1.el6_8
OR
java-1.7.0-openjdkjava-1.7.0-openjdkMatch1.7.0.85_2.6.1.3.el6_6
OR
java-1.7.0-openjdkjava-1.7.0-openjdkMatch1.7.0.45_2.4.3.4.el6_5
OR
java-1.7.0-openjdkjava-1.7.0-openjdkMatch1.7.0.79_2.5.5.4.el6
OR
java-1.7.0-openjdkjava-1.7.0-openjdkMatch1.7.0.9_2.3.5.3.el6_3
OR
java-1.7.0-openjdkjava-1.7.0-openjdkMatch1.7.0.25_2.3.10.3.el6_4
OR
java-1.7.0-openjdkjava-1.7.0-openjdkMatch1.7.0.101_2.6.6.4.el6_8
OR
java-1.7.0-openjdkjava-1.7.0-openjdkMatch1.7.0.221_2.6.18.0.el6_10
OR
java-1.7.0-openjdkjava-1.7.0-openjdkMatch1.7.0.201_2.6.16.0.el6_10
OR
java-1.7.0-openjdkjava-1.7.0-openjdkMatch1.7.0.141_2.6.10.1.el6_9
OR
java-1.7.0-openjdkjava-1.7.0-openjdkMatch1.7.0.95_2.6.4.0.el6_7
OR
java-1.7.0-openjdkjava-1.7.0-openjdkMatch1.7.0.55_2.4.7.1.el6_5
OR
java-1.7.0-openjdkjava-1.7.0-openjdkMatch1.7.0.65_2.5.1.2.el6_5
OR
java-1.7.0-openjdkjava-1.7.0-openjdkMatch1.7.0.9_2.3.7.1.el6_3
OR
java-1.7.0-openjdkjava-1.7.0-openjdkMatch1.7.0.9_2.3.3.2.el6_3
OR
java-1.7.0-openjdkjava-1.7.0-openjdkMatch1.7.0.121_2.6.8.1.el6_8
OR
java-1.7.0-openjdkjava-1.7.0-openjdkMatch1.7.0.241_2.6.20.0.el6_10
OR
java-1.7.0-openjdkjava-1.7.0-openjdkMatch1.7.0.171_2.6.13.0.el6_9
OR
java-1.7.0-openjdkjava-1.7.0-openjdkMatch1.7.0.71_2.5.3.1.el6
OR
java-1.7.0-openjdkjava-1.7.0-openjdkMatch1.7.0.79_2.5.5.1.el6_6
OR
java-1.7.0-openjdkjava-1.7.0-openjdkMatch1.7.0.191_2.6.15.4.el6_10
OR
java-1.7.0-openjdkjava-1.7.0-openjdkMatch1.7.0.3_2.1.el6.7
OR
java-1.7.0-openjdkjava-1.7.0-openjdkMatch1.7.0.51_2.4.4.1.el6_5
OR
java-1.7.0-openjdkjava-1.7.0-openjdkMatch1.7.0.181_2.6.14.10.el6
OR
java-1.7.0-openjdkjava-1.7.0-openjdkMatch1.7.0.75_2.5.4.0.el6_6
OR
java-1.7.0-openjdkjava-1.7.0-openjdkMatch1.7.0.71_2.5.3.2.el6_6
OR
java-1.7.0-openjdkjava-1.7.0-openjdkMatch1.7.0.231_2.6.19.2.el6_10
OR
java-1.7.0-openjdkjava-1.7.0-openjdkMatch1.7.0.99_2.6.5.0.el6_7
OR
java-1.7.0-openjdkjava-1.7.0-openjdkMatch1.7.0.99_2.6.5.1.el6
OR
java-1.7.0-openjdkjava-1.7.0-openjdkMatch1.7.0.161_2.6.12.0.el6_9
OR
java-1.7.0-openjdkjava-1.7.0-openjdkMatch1.7.0.111_2.6.7.2.el6_8
OR
java-1.7.0-openjdkjava-1.7.0-openjdkMatch1.7.0.91_2.6.2.2.el6_7
OR
java-1.7.0-openjdkjava-1.7.0-openjdkMatch1.7.0.5_2.2.1.el6_3.3
OR
java-1.7.0-openjdkjava-1.7.0-openjdkMatch1.7.0.101_2.6.6.1.el6_7
OR
java-1.7.0-openjdkjava-1.7.0-openjdkMatch1.7.0.211_2.6.17.1.el6_10
OR
java-1.7.0-openjdkjava-1.7.0-openjdkMatch1.7.0.85_2.6.1.3.el6_7
OR
java-1.7.0-openjdkjava-1.7.0-openjdkMatch1.7.0.79_2.5.5.3.el6_6
OR
java-1.7.0-openjdkjava-1.7.0-openjdkMatch1.7.0.9_2.3.8.0.el6_4
OR
java-1.7.0-openjdkjava-1.7.0-openjdkMatch1.7.0.231_2.6.19.1.el6_10
OR
java-1.7.0-openjdkjava-1.7.0-openjdkMatch1.7.0.45_2.4.3.3.el6
OR
java-1.7.0-openjdkjava-1.7.0-openjdkMatch1.7.0.19_2.3.9.1.el6_4
OR
java-1.7.0-openjdkjava-1.7.0-openjdkMatch1.7.0.181_2.6.14.8.el6_9
OR
java-1.7.0-openjdkjava-1.7.0-openjdkMatch1.7.0.25_2.3.10.4.el6_4
OR
java-1.7.0-openjdkjava-1.7.0-openjdkMatch1.7.0.251_2.6.21.0.el6_10
OR
java-1.7.0-openjdkjava-1.7.0-openjdkMatch1.7.0.5_2.2.1.el6_3
OR
java-1.7.0-openjdkjava-1.7.0-openjdkMatch1.7.0.45_2.4.3.2.el6_4
OR
java-1.7.0-openjdkjava-1.7.0-openjdkMatch1.7.0.9_2.3.3.el6_3.1
OR
java-1.7.0-openjdkjava-1.7.0-openjdkMatch1.7.0.151_2.6.11.0.el6_9
OR
java-1.7.0-openjdkjava-1.7.0-openjdkMatch1.7.0.9_2.3.4.1.el6_3
OR
java-1.7.0-openjdkjava-1.7.0-openjdkMatch1.7.0.181_2.6.14.1.el6_9
OR
java-1.7.0-openjdkjava-1.7.0-openjdkMatch1.7.0.131_2.6.9.0.el6_8
SourceLink
listswww.lists.debian.org/debian-lts-announce/2020/04/msg00024.html
accesswww.access.redhat.com/security/updates/classification/
accesswww.access.redhat.com/errata/RHSA-2020:2236
debianwww.debian.org/security/2020/dsa-4662
debianwww.debian.org/security/2020/dsa-4668
listswww.lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CKAV6KFFAEANXAN73AFTGU7Z6YNRWCXQ/
listswww.lists.fedoraproject.org/archives/list/[email protected]/message/CKAV6KFFAEANXAN73AFTGU7Z6YNRWCXQ/
listswww.lists.fedoraproject.org/archives/list/[email protected]/message/L7VHC4EW36KZEIDQ56RPCWBZCQELFFKN/
listswww.lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L7VHC4EW36KZEIDQ56RPCWBZCQELFFKN/
listswww.lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NYHHHZRHXCBGRHGE5UP7UEB4IZ2QX536/
Rows per page

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
07 Nov 2023 23:32Current
1.4Low risk
Vulners AI Score1.4
CVSS 34.8
CVSS 25.8
EPSS0.00606
SSVC
openjdkvulnerabilitycrlf injectionhttp headershttpserver
20