Vulnerability Details : CVE-2018-1000164
gunicorn version 19.4.5 contains a CWE-113 (Improper Neutralization of CRLF Sequences in HTTP Headers) vulnerability in the "process_headers" function in "gunicorn/http/wsgi.py": CR/LF characters in header values supplied by the application are not neutralized, so an attacker who can influence a header value can cause the server to return arbitrary HTTP headers. This vulnerability appears to have been fixed in 19.5.0.
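The defect described above is a missing check at the point where a WSGI server turns the application's `(name, value)` header list into wire bytes. The following is an added illustration, not gunicorn's code: a naive serializer beside a validating one, plus a small WSGI middleware (`header_guard`, a hypothetical name) that applies the check before `start_response`. The `redirect_app` that reflects a query parameter into `Location` is constructed for the demonstration.

```python
import re
from urllib.parse import parse_qs

# Added example (not gunicorn's implementation). Demonstrates why a WSGI
# server must reject CR/LF in response headers (CWE-113) and one place a
# defender can enforce that check.

_CRLF = re.compile(r"[\r\n]")
# RFC 7230 "token" characters, the only ones allowed in a header name.
_TOKEN = re.compile(r"^[!#$%&'*+\-.^_`|~0-9A-Za-z]+$")


class HeaderInjectionError(ValueError):
    """Raised when a header name or value could split the response."""


def validate_headers(headers):
    """Return the header list unchanged if every name is an RFC 7230 token
    and no value contains CR or LF; raise HeaderInjectionError otherwise."""
    checked = []
    for name, value in headers:
        if not isinstance(name, str) or not isinstance(value, str):
            raise HeaderInjectionError("header name and value must be str")
        if not _TOKEN.match(name):
            raise HeaderInjectionError(f"invalid header name: {name!r}")
        if _CRLF.search(value):
            raise HeaderInjectionError(f"CR or LF in value of {name!r}")
        checked.append((name, value))
    return checked


def naive_serialize(headers):
    """The unsafe pattern: trust the value, so an embedded CRLF yields an
    extra header line on the wire."""
    return "".join(f"{n}: {v}\r\n" for n, v in headers)


def safe_serialize(headers):
    """The hardened pattern: validate first, then serialize."""
    return naive_serialize(validate_headers(headers))


def header_guard(app):
    """WSGI middleware (hypothetical name) that validates headers before they
    reach the server's start_response."""
    def wrapped(environ, start_response):
        def guarded_start_response(status, headers, exc_info=None):
            return start_response(status, validate_headers(headers), exc_info)
        return app(environ, guarded_start_response)
    return wrapped


def redirect_app(environ, start_response):
    """Constructed app that reflects ?next= into Location without checks."""
    target = parse_qs(environ.get("QUERY_STRING", "")).get("next", ["/"])[0]
    start_response("302 Found", [("Location", target)])
    return [b""]


def run(app, query):
    """Drive a WSGI app offline and return (status, headers) it produced."""
    captured = {}

    def start_response(status, headers, exc_info=None):
        captured["status"] = status
        captured["headers"] = headers
        return lambda data: None

    environ = {"REQUEST_METHOD": "GET", "QUERY_STRING": query}
    b"".join(app(environ, start_response))
    return captured["status"], captured["headers"]


if __name__ == "__main__":
    # Constructed input: a percent-encoded CRLF inside the redirect target.
    tainted = "next=/home%0d%0aX-Injected:%201"
    _, hdrs = run(redirect_app, tainted)
    print(repr(naive_serialize(hdrs)))  # two header lines from one header
    try:
        run(header_guard(redirect_app), tainted)
    except HeaderInjectionError as exc:
        print("rejected:", exc)
```

The middleware is a stopgap for an application running on an unpatched server; the durable fix is the server-side check that 19.5.0 adds, since application code is exactly the untrusted source the server cannot assume is clean.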
Exploit prediction scoring system (EPSS) score for CVE-2018-1000164
Probability of exploitation activity in the next 30 days: 0.49%
Percentile (the proportion of vulnerabilities scored at or below this one): ~73%
CVSS scores for CVE-2018-1000164
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Source
---|---|---|---|---|---
5.0 | MEDIUM | AV:N/AC:L/Au:N/C:N/I:P/A:N | 10.0 | 2.9 | [email protected]
7.5 | HIGH | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N | 3.9 | 3.6 | [email protected]
CWE ids for CVE-2018-1000164
- CWE-113: The product uses CRLF (carriage return line feeds) as a special element, e.g. to separate lines or records, but it does not neutralize or incorrectly neutralizes CRLF sequences from inputs. Assigned by: [email protected] (Primary)
References for CVE-2018-1000164
- https://usn.ubuntu.com/4022-1/
- https://lists.debian.org/debian-lts-announce/2018/04/msg00022.html (Third Party Advisory)
- https://github.com/benoitc/gunicorn/issues/1227 (Exploit; Issue Tracking; Third Party Advisory)
- https://www.debian.org/security/2018/dsa-4186 (Third Party Advisory)
- https://epadillas.github.io/2018/04/02/http-header-splitting-in-gunicorn-19.4.5 (Exploit; Third Party Advisory)
Products affected by CVE-2018-1000164
- cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
- cpe:2.3:a:gunicorn:gunicorn:19.4.5:*:*:*:*:*:*:*