CVE-2011-2732
Publication date 5 December 2012
Last updated 24 July 2024
Ubuntu priority
CRLF injection vulnerability in the logout functionality in VMware SpringSource Spring Security before 2.0.7 and 3.0.x before 3.0.6 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the spring-security-redirect parameter.
Status
Package | Ubuntu Release | Status |
---|---|---|
libspring-security-2.0-java | ||
16.04 LTS xenial | Not in release | |
14.04 LTS trusty | Not in release | |