VYPR
Unrated severityNVD Advisory· Published May 30, 2014· Updated Jun 16, 2026

CVE-2012-5572

CVE-2012-5572

Description

CRLF injection vulnerability in the cookie method (lib/Dancer/Cookie.pm) in Dancer before 1.3114 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a cookie name, a different vulnerability than CVE-2012-5526.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

11
  • Dancer/Dancer11 versions
    cpe:2.3:a:dancer:dancer:*:*:*:*:*:*:*:*+ 10 more
    • cpe:2.3:a:dancer:dancer:*:*:*:*:*:*:*:*range: <=1.3113
    • cpe:2.3:a:dancer:dancer:1.150:*:*:*:*:*:*:*
    • cpe:2.3:a:dancer:dancer:1.3060:*:*:*:*:*:*:*
    • cpe:2.3:a:dancer:dancer:1.3071:*:*:*:*:*:*:*
    • cpe:2.3:a:dancer:dancer:1.3079_3:*:*:*:*:*:*:*
    • cpe:2.3:a:dancer:dancer:1.3079_5:*:*:*:*:*:*:*
    • cpe:2.3:a:dancer:dancer:1.3110:*:*:*:*:*:*:*
    • cpe:2.3:a:dancer:dancer:1.3111:*:*:*:*:*:*:*
    • cpe:2.3:a:dancer:dancer:1.3111_01:*:*:*:*:*:*:*
    • cpe:2.3:a:dancer:dancer:1.3112:*:*:*:*:*:*:*
    • (no CPE)range: <1.3114

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.