{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2012-11-02T00:00:00", "descriptions": [{"lang": "en", "value": "CRLF injection vulnerability in Pebble before 2.6.4 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2013-02-02T10:00:00", "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "shortName": "jpcert"}, "references": [{"name": "JVN#39563771", "tags": ["third-party-advisory", "x_refsource_JVN"], "url": "http://jvn.jp/en/jp/JVN39563771/index.html"}, {"name": "51102", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/51102"}, {"name": "JVNDB-2012-000099", "tags": ["third-party-advisory", "x_refsource_JVNDB"], "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2012-000099"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "vultures@jpcert.or.jp", "ID": "CVE-2012-4023", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "CRLF injection vulnerability in Pebble before 2.6.4 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "JVN#39563771", "refsource": "JVN", "url": "http://jvn.jp/en/jp/JVN39563771/index.html"}, {"name": "51102", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/51102"}, {"name": "JVNDB-2012-000099", "refsource": "JVNDB", "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2012-000099"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T20:21:04.249Z"}, "title": "CVE Program Container", "references": [{"name": "JVN#39563771", "tags": ["third-party-advisory", "x_refsource_JVN", "x_transferred"], "url": "http://jvn.jp/en/jp/JVN39563771/index.html"}, {"name": "51102", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/51102"}, {"name": "JVNDB-2012-000099", "tags": ["third-party-advisory", "x_refsource_JVNDB", "x_transferred"], "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2012-000099"}]}]}, "cveMetadata": {"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "assignerShortName": "jpcert", "cveId": "CVE-2012-4023", "datePublished": "2012-11-08T11:00:00", "dateReserved": "2012-07-12T00:00:00", "dateUpdated": "2024-08-06T20:21:04.249Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:simon_brown:pebble:*:*:*:*:*:*:*:*", "matchCriteriaId": "DBEB8925-026C-495D-AF36-67FF249BA013", "versionEndIncluding": "2.6.3", "vulnerable": true}, {"criteria": "cpe:2.3:a:simon_brown:pebble:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "21FFAC21-8B75-4475-8277-A1249E615AAE", "vulnerable": true}, {"criteria": "cpe:2.3:a:simon_brown:pebble:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "7EA0EF40-566D-432D-8C7F-E885821C5575", "vulnerable": true}, {"criteria": "cpe:2.3:a:simon_brown:pebble:1.2:*:*:*:*:*:*:*", "matchCriteriaId": "1B12E869-D280-4CA4-AE6E-CD01EAA4D447", "vulnerable": true}, {"criteria": "cpe:2.3:a:simon_brown:pebble:1.3:*:*:*:*:*:*:*", "matchCriteriaId": "0582F1CE-E583-4343-9A85-E776E417E33C", "vulnerable": true}, {"criteria": "cpe:2.3:a:simon_brown:pebble:1.4:*:*:*:*:*:*:*", "matchCriteriaId": "6C41588C-1E82-442A-B004-F2C9B13D0DA7", "vulnerable": true}, {"criteria": "cpe:2.3:a:simon_brown:pebble:1.4:beta1:*:*:*:*:*:*", "matchCriteriaId": "A2E7FE34-D6DE-4DAD-BC97-7DECDFC3E031", "vulnerable": true}, {"criteria": "cpe:2.3:a:simon_brown:pebble:1.4:beta2:*:*:*:*:*:*", "matchCriteriaId": "F033DCBC-5172-4947-8976-CF1A72D7878C", "vulnerable": true}, {"criteria": "cpe:2.3:a:simon_brown:pebble:1.4:beta3:*:*:*:*:*:*", "matchCriteriaId": "FCFA081E-120E-4978-A334-AE86F1FCA9E0", "vulnerable": true}, {"criteria": "cpe:2.3:a:simon_brown:pebble:1.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "C9E419C8-6636-4516-93F5-0CFAD815D26D", "vulnerable": true}, {"criteria": "cpe:2.3:a:simon_brown:pebble:1.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "190A5C14-0B67-416E-B487-1CB385928525", "vulnerable": true}, {"criteria": "cpe:2.3:a:simon_brown:pebble:1.5:*:*:*:*:*:*:*", "matchCriteriaId": "9D64F1AA-50B1-421C-934D-86345B3D0C70", "vulnerable": true}, {"criteria": "cpe:2.3:a:simon_brown:pebble:1.5:beta1:*:*:*:*:*:*", "matchCriteriaId": "1A223112-0903-4CF8-A124-39785082BE97", "vulnerable": true}, {"criteria": "cpe:2.3:a:simon_brown:pebble:1.5:beta2:*:*:*:*:*:*", "matchCriteriaId": "2EF89C39-A8F1-4D34-B272-DA2ACEBEC1DF", "vulnerable": true}, {"criteria": "cpe:2.3:a:simon_brown:pebble:1.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "541B8041-66D6-44B0-B811-C0F9DB68DDF7", "vulnerable": true}, {"criteria": "cpe:2.3:a:simon_brown:pebble:1.6:beta3:*:*:*:*:*:*", "matchCriteriaId": "D7BEF5C4-8DD7-4836-A21C-2AAB6A91215B", "vulnerable": true}, {"criteria": "cpe:2.3:a:simon_brown:pebble:1.7:*:*:*:*:*:*:*", "matchCriteriaId": "E7FBA912-9E01-4A84-9FFF-3B2D7393DA93", "vulnerable": true}, {"criteria": "cpe:2.3:a:simon_brown:pebble:1.7:beta1:*:*:*:*:*:*", "matchCriteriaId": "92207B85-9E88-4A57-8482-9A83671A7FA3", "vulnerable": true}, {"criteria": "cpe:2.3:a:simon_brown:pebble:1.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "3D30AE47-A277-4B77-B6C9-F7C2E1C79121", "vulnerable": true}, {"criteria": "cpe:2.3:a:simon_brown:pebble:1.7.2:*:*:*:*:*:*:*", "matchCriteriaId": "BC29E29D-1915-4598-893B-BAC7404D98B9", "vulnerable": true}, {"criteria": "cpe:2.3:a:simon_brown:pebble:1.8:*:*:*:*:*:*:*", "matchCriteriaId": "A2552728-7A9D-441E-B344-D81C4A43BEF2", "vulnerable": true}, {"criteria": "cpe:2.3:a:simon_brown:pebble:1.9:*:*:*:*:*:*:*", "matchCriteriaId": "A104C8DD-CB3A-4F2E-A78E-37E49C1633F8", "vulnerable": true}, {"criteria": "cpe:2.3:a:simon_brown:pebble:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "D056297D-1E4C-4E90-ACE2-9200B5C89CCC", "vulnerable": true}, {"criteria": "cpe:2.3:a:simon_brown:pebble:2.0.0:m1:*:*:*:*:*:*", "matchCriteriaId": "A45BD51A-3ADC-4271-BF9B-086408885EF3", "vulnerable": true}, {"criteria": "cpe:2.3:a:simon_brown:pebble:2.0.0:m2:*:*:*:*:*:*", "matchCriteriaId": "B58B20D5-5E49-4121-9A9C-99E8AADD3F8E", "vulnerable": true}, {"criteria": "cpe:2.3:a:simon_brown:pebble:2.0.0:m3:*:*:*:*:*:*", "matchCriteriaId": "8AFACAD5-2985-45DD-8163-8B409F5A9DA1", "vulnerable": true}, {"criteria": "cpe:2.3:a:simon_brown:pebble:2.0.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "428B2B9C-D5DA-45D7-9E04-798958DAC087", "vulnerable": true}, {"criteria": "cpe:2.3:a:simon_brown:pebble:2.0.0:rc2:*:*:*:*:*:*", "matchCriteriaId": "5961A84D-6AC1-40CC-84C2-2B3EF989C92A", "vulnerable": true}, {"criteria": "cpe:2.3:a:simon_brown:pebble:2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "0D359FF9-A9E0-45DB-BA30-7668A25DD624", "vulnerable": true}, {"criteria": "cpe:2.3:a:simon_brown:pebble:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "54C9C979-7C00-456B-B34B-D9E83CE9BD65", "vulnerable": true}, {"criteria": "cpe:2.3:a:simon_brown:pebble:2.1:rc1:*:*:*:*:*:*", "matchCriteriaId": "AE37BA4F-DF8F-4A17-8C07-51B00DF3598C", "vulnerable": true}, {"criteria": "cpe:2.3:a:simon_brown:pebble:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "C2050DE2-8712-4056-B611-D17A0E578B14", "vulnerable": true}, {"criteria": "cpe:2.3:a:simon_brown:pebble:2.3:*:*:*:*:*:*:*", "matchCriteriaId": "31927AAE-4A13-4F6A-8D08-57CF3670D560", "vulnerable": true}, {"criteria": "cpe:2.3:a:simon_brown:pebble:2.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "CB7E44DB-D91C-455E-92DB-A64D74EB38CC", "vulnerable": true}, {"criteria": "cpe:2.3:a:simon_brown:pebble:2.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "D72ECE3C-C6B9-4FB2-9722-72E7D7B4A811", "vulnerable": true}, {"criteria": "cpe:2.3:a:simon_brown:pebble:2.4:*:*:*:*:*:*:*", "matchCriteriaId": "61FE5388-7C71-460B-AF06-FC8EF2494966", "vulnerable": true}, {"criteria": "cpe:2.3:a:simon_brown:pebble:2.4:rc2:*:*:*:*:*:*", "matchCriteriaId": "EE5C07BB-92C0-4ACE-AD7C-274600722E99", "vulnerable": true}, {"criteria": "cpe:2.3:a:simon_brown:pebble:2.5:*:*:*:*:*:*:*", "matchCriteriaId": "86924465-583F-461A-9AD2-AE35AB0B8042", "vulnerable": true}, {"criteria": "cpe:2.3:a:simon_brown:pebble:2.5:m1:*:*:*:*:*:*", "matchCriteriaId": "0CB83BCC-E680-4693-B33F-A26DC8FE2D69", "vulnerable": true}, {"criteria": "cpe:2.3:a:simon_brown:pebble:2.5:m2:*:*:*:*:*:*", "matchCriteriaId": "772EF5B4-DD52-4119-907A-AD08DF0568D3", "vulnerable": true}, {"criteria": "cpe:2.3:a:simon_brown:pebble:2.5:rc1:*:*:*:*:*:*", "matchCriteriaId": "E0A86326-C98F-4AD5-BF89-4BAC81AE292D", "vulnerable": true}, {"criteria": "cpe:2.3:a:simon_brown:pebble:2.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "1797D83B-FA27-4EFB-8C3C-4C1CF88EA326", "vulnerable": true}, {"criteria": "cpe:2.3:a:simon_brown:pebble:2.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "EC71C09B-715A-4D31-8A77-43AF718AECBB", "vulnerable": true}, {"criteria": "cpe:2.3:a:simon_brown:pebble:2.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "27BEFF76-0C33-45CD-9AA8-A143631497A2", "vulnerable": true}, {"criteria": "cpe:2.3:a:simon_brown:pebble:2.6:*:*:*:*:*:*:*", "matchCriteriaId": "240F99D3-3D44-4C97-B0DD-294F97D6CE4B", "vulnerable": true}, {"criteria": "cpe:2.3:a:simon_brown:pebble:2.6:m1:*:*:*:*:*:*", "matchCriteriaId": "3EB81F58-98B7-42EA-BE44-BD8FE648D834", "vulnerable": true}, {"criteria": "cpe:2.3:a:simon_brown:pebble:2.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "4128E9B3-CF81-4D7A-8B00-A8B94A8466D5", "vulnerable": true}, {"criteria": "cpe:2.3:a:simon_brown:pebble:2.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "184C58E1-3208-4119-8531-C3444010A05C", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "CRLF injection vulnerability in Pebble before 2.6.4 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors."}, {"lang": "es", "value": "Vulnerabilidad de inyecci\u00f3n CRLF en Pebble antes de v2.6.4 permite a atacantes remotos inyectar cabeceras HTTP de su elecci\u00f3n y llevar a cabo ataques de divisi\u00f3n de respuesta HTTP a trav\u00e9s de vectores no especificados."}], "id": "CVE-2012-4023", "lastModified": "2025-04-11T00:51:21.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2012-11-08T11:46:24.253", "references": [{"source": "vultures@jpcert.or.jp", "url": "http://jvn.jp/en/jp/JVN39563771/index.html"}, {"source": "vultures@jpcert.or.jp", "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2012-000099"}, {"source": "vultures@jpcert.or.jp", "url": "http://secunia.com/advisories/51102"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://jvn.jp/en/jp/JVN39563771/index.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2012-000099"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/51102"}], "sourceIdentifier": "vultures@jpcert.or.jp", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}