CVE-2012-5572
- Source
- https://cve.org/CVERecord?id=CVE-2012-5572
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2012-5572.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2012-5572
- Downstream
- Published
- 2014-05-30T14:55:06Z
- Modified
- 2026-04-16T04:41:53.833036728Z
- Summary
- [none]
- Details
-
CRLF injection vulnerability in the cookie method (lib/Dancer/Cookie.pm) in Dancer before 1.3114 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a cookie name, a different vulnerability than CVE-2012-5526.
- References
-
- http://advisories.mageia.org/MGASA-2013-0183.html
- http://www.mandriva.com/security/advisories?name=MDVSA-2013:184
- https://github.com/PerlDancer/Dancer/issues/859
- http://www.openwall.com/lists/oss-security/2012/11/26/10
- https://github.com/PerlDancer/Dancer/blob/devel/CHANGES
- https://lists.fedoraproject.org/pipermail/package-announce/2013-June/108749.html