VDB
DEBIAN-CVE-2012-5526
DEBIAN-CVE-2012-5526
PUBLISHED
CGI.pm module before 3.63 for Perl does not properly escape newlines in (1) Set-Cookie or (2) P3P headers, which might allow remote attackers to inject arbitrary headers into responses from applications that use CGI.pm.
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:14 | perl | 0, 0, 0 |
| Debian:12 | perl | 0, 0, 0 |
| Debian:13 | libcgi-pm-perl | 0, 0, 0 |
| Debian:14 | libcgi-pm-perl | 0, 0, 0 |
| Debian:13 | perl | 0, 0, 0 |
| Debian:11 | perl | 0, 0, 0 |
| Debian:12 | libcgi-pm-perl | 0, 0, 0 |
| Debian:11 | libcgi-pm-perl | 0, 0, 0 |
Timeline
- Nov 21, 2012 CVE Published
- Apr 28, 2026 CVE Updated