FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2025-01-14 21:31:10 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
a3e24de7-3f0c-11e9-87d1-00012e582166	py-gunicorn -- CWE-113 vulnerability Everardo reports: gunicorn version 19.4.5 contains a CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers vulnerability in process_headers function in gunicorn/http/wsgi.py that can result in an attacker causing the server to return arbitrary HTTP headers. Discovery 2018-04-02 Entry 2019-03-05 py27-gunicorn py35-gunicorn py36-gunicorn py37-gunicorn < 19.5.0 CVE-2018-1000164 https://epadillas.github.io/2018/04/02/http-header-splitting-in-gunicorn-19.4.5

VuXML ID

Description

a3e24de7-3f0c-11e9-87d1-00012e582166

py-gunicorn -- CWE-113 vulnerability

Everardo reports:

gunicorn version 19.4.5 contains a CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers vulnerability in process_headers function in gunicorn/http/wsgi.py that can result in an attacker causing the server to return arbitrary HTTP headers.

Discovery 2018-04-02
Entry 2019-03-05
py27-gunicorn
py35-gunicorn
py36-gunicorn
py37-gunicorn

< 19.5.0

CVE-2018-1000164
https://epadillas.github.io/2018/04/02/http-header-splitting-in-gunicorn-19.4.5