Unrated severityNVD Advisory· Published May 30, 2014· Updated May 6, 2026
CVE-2012-5572
CVE-2012-5572
Description
CRLF injection vulnerability in the cookie method (lib/Dancer/Cookie.pm) in Dancer before 1.3114 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a cookie name, a different vulnerability than CVE-2012-5526.
Affected products
10cpe:2.3:a:dancer:dancer:*:*:*:*:*:*:*:*+ 9 more
- cpe:2.3:a:dancer:dancer:*:*:*:*:*:*:*:*range: <=1.3113
- cpe:2.3:a:dancer:dancer:1.150:*:*:*:*:*:*:*
- cpe:2.3:a:dancer:dancer:1.3060:*:*:*:*:*:*:*
- cpe:2.3:a:dancer:dancer:1.3071:*:*:*:*:*:*:*
- cpe:2.3:a:dancer:dancer:1.3079_3:*:*:*:*:*:*:*
- cpe:2.3:a:dancer:dancer:1.3079_5:*:*:*:*:*:*:*
- cpe:2.3:a:dancer:dancer:1.3110:*:*:*:*:*:*:*
- cpe:2.3:a:dancer:dancer:1.3111:*:*:*:*:*:*:*
- cpe:2.3:a:dancer:dancer:1.3111_01:*:*:*:*:*:*:*
- cpe:2.3:a:dancer:dancer:1.3112:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
6- advisories.mageia.org/MGASA-2013-0183.htmlnvd
- www.mandriva.com/security/advisoriesnvd
- www.openwall.com/lists/oss-security/2012/11/26/10nvd
- github.com/PerlDancer/Dancer/blob/devel/CHANGESnvd
- github.com/PerlDancer/Dancer/issues/859nvd
- lists.fedoraproject.org/pipermail/package-announce/2013-June/108749.htmlnvd
News mentions
0No linked articles in our index yet.