CVE-2012-4023
Pebble < 2.6.4 - CRLF Injection via HTTP Header Manipulation
Title source: llmDescription
CRLF injection vulnerability in Pebble before 2.6.4 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.
References (3)
Core 3
Core References
Third Party Advisory third-party-advisory
x_refsource_jvn
http://jvn.jp/en/jp/JVN39563771/index.html
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/51102
Third Party Advisory third-party-advisory
x_refsource_jvndb
http://jvndb.jvn.jp/jvndb/JVNDB-2012-000099
Scores
EPSS
0.0117
EPSS Percentile
63.6%
Details
CWE
CWE-20
Status
published
Products (32)
simon_brown/pebble
1.0
simon_brown/pebble
1.1
simon_brown/pebble
1.2
simon_brown/pebble
1.3
simon_brown/pebble
1.4 (4 CPE variants)
simon_brown/pebble
1.4.1
simon_brown/pebble
1.4.2
simon_brown/pebble
1.5 (3 CPE variants)
simon_brown/pebble
1.5.1
simon_brown/pebble
1.6 beta3
... and 22 more
Published
Nov 08, 2012
Tracked Since
Feb 18, 2026