CVE-2018-1000164
Published: 18 April 2018
gunicorn version 19.4.5 contains a CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers vulnerability in "process_headers" function in "gunicorn/http/wsgi.py" that can result in an attacker causing the server to return arbitrary HTTP headers. This vulnerability appears to have been fixed in 19.5.0.
From the Ubuntu Security Team
It was discovered that gunicorn improperly handled certain input. An attacker could potentially use this issue execute a cross-site scripting (XSS) attack.
Notes
| Author | Note |
|---|---|
| mdeslaur | there are no reverse-depends on gunicorn in trusty, lowering priority to low |
Priority
Status
| Package | Release | Status |
|---|---|---|
|
gunicorn Launchpad, Ubuntu, Debian |
artful |
Not vulnerable
(19.7.1-3)
|
| bionic |
Not vulnerable
|
|
| cosmic |
Not vulnerable
|
|
| disco |
Not vulnerable
|
|
| eoan |
Not vulnerable
|
|
| focal |
Not vulnerable
|
|
| groovy |
Not vulnerable
|
|
| hirsute |
Not vulnerable
|
|
| impish |
Not vulnerable
|
|
| jammy |
Not vulnerable
|
|
| trusty |
Released
(17.5-2ubuntu0.1~esm1)
Available with Ubuntu Pro or Ubuntu Pro (Infra-only) |
|
| upstream |
Released
(19.5.0-1)
|
|
| xenial |
Released
(19.4.5-1ubuntu1.1)
|
|
|
Patches: upstream: https://github.com/benoitc/gunicorn/commit/5263a4ef2a63c62216680876f3813959839608ff upstream: https://github.com/benoitc/gunicorn/pull/1229/files |
||
Severity score breakdown
| Parameter | Value |
|---|---|
| Base score | 7.5 |
| Attack vector | Network |
| Attack complexity | Low |
| Privileges required | None |
| User interaction | None |
| Scope | Unchanged |
| Confidentiality | None |
| Integrity impact | High |
| Availability impact | None |
| Vector | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N |