Unrated severityNVD Advisory· Published May 30, 2014· Updated Jun 16, 2026
CVE-2012-5572
CVE-2012-5572
Description
CRLF injection vulnerability in the cookie method (lib/Dancer/Cookie.pm) in Dancer before 1.3114 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a cookie name, a different vulnerability than CVE-2012-5526.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
11cpe:2.3:a:dancer:dancer:*:*:*:*:*:*:*:*+ 10 more
- cpe:2.3:a:dancer:dancer:*:*:*:*:*:*:*:*range: <=1.3113
- cpe:2.3:a:dancer:dancer:1.150:*:*:*:*:*:*:*
- cpe:2.3:a:dancer:dancer:1.3060:*:*:*:*:*:*:*
- cpe:2.3:a:dancer:dancer:1.3071:*:*:*:*:*:*:*
- cpe:2.3:a:dancer:dancer:1.3079_3:*:*:*:*:*:*:*
- cpe:2.3:a:dancer:dancer:1.3079_5:*:*:*:*:*:*:*
- cpe:2.3:a:dancer:dancer:1.3110:*:*:*:*:*:*:*
- cpe:2.3:a:dancer:dancer:1.3111:*:*:*:*:*:*:*
- cpe:2.3:a:dancer:dancer:1.3111_01:*:*:*:*:*:*:*
- cpe:2.3:a:dancer:dancer:1.3112:*:*:*:*:*:*:*
- (no CPE)range: <1.3114
Patches
Vulnerability mechanics
References
6- advisories.mageia.org/MGASA-2013-0183.htmlnvd
- www.mandriva.com/security/advisoriesnvd
- www.openwall.com/lists/oss-security/2012/11/26/10nvd
- github.com/PerlDancer/Dancer/blob/devel/CHANGESnvd
- github.com/PerlDancer/Dancer/issues/859nvd
- lists.fedoraproject.org/pipermail/package-announce/2013-June/108749.htmlnvd
News mentions
0No linked articles in our index yet.