Vulnerability Details CVE-2012-4023
CRLF injection vulnerability in Pebble before 2.6.4 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 50.6%
CVSS Severity
CVSS v2 Score 4.3
References
Products affected by CVE-2012-4023
-
cpe:2.3:a:simon_brown:pebble:1.0
-
cpe:2.3:a:simon_brown:pebble:1.1
-
cpe:2.3:a:simon_brown:pebble:1.2
-
cpe:2.3:a:simon_brown:pebble:1.3
-
cpe:2.3:a:simon_brown:pebble:1.4
-
cpe:2.3:a:simon_brown:pebble:1.4.1
-
cpe:2.3:a:simon_brown:pebble:1.4.1_01
-
cpe:2.3:a:simon_brown:pebble:1.4.2
-
cpe:2.3:a:simon_brown:pebble:1.4.2_01
-
cpe:2.3:a:simon_brown:pebble:1.5
-
cpe:2.3:a:simon_brown:pebble:1.5.1
-
cpe:2.3:a:simon_brown:pebble:1.6
-
cpe:2.3:a:simon_brown:pebble:1.6.1
-
cpe:2.3:a:simon_brown:pebble:1.7
-
cpe:2.3:a:simon_brown:pebble:1.7.1
-
cpe:2.3:a:simon_brown:pebble:1.7.2
-
cpe:2.3:a:simon_brown:pebble:1.8
-
cpe:2.3:a:simon_brown:pebble:1.9
-
cpe:2.3:a:simon_brown:pebble:2.0
-
cpe:2.3:a:simon_brown:pebble:2.0.0
-
cpe:2.3:a:simon_brown:pebble:2.0.1
-
cpe:2.3:a:simon_brown:pebble:2.1
-
cpe:2.3:a:simon_brown:pebble:2.2
-
cpe:2.3:a:simon_brown:pebble:2.3
-
cpe:2.3:a:simon_brown:pebble:2.3.1
-
cpe:2.3:a:simon_brown:pebble:2.3.2
-
cpe:2.3:a:simon_brown:pebble:2.4
-
cpe:2.3:a:simon_brown:pebble:2.5
-
cpe:2.3:a:simon_brown:pebble:2.5.1
-
cpe:2.3:a:simon_brown:pebble:2.5.2
-
cpe:2.3:a:simon_brown:pebble:2.5.3
-
cpe:2.3:a:simon_brown:pebble:2.6
-
cpe:2.3:a:simon_brown:pebble:2.6.1
-
cpe:2.3:a:simon_brown:pebble:2.6.2
-
cpe:2.3:a:simon_brown:pebble:2.6.3