2 results (0.002 seconds)

CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0

apt-cacher before 1.7.15 and apt-cacher-ng before 3.4 allow HTTP response splitting via encoded newline characters, related to lack of blocking for the %0[ad] regular expression. apt-cacher en versiones anteriores a 1.7.15 y apt-cacher-ng en versiones anteriores a 3.4 permiten división de respuestas HTTP a través de caracteres de nueva línea codificados, relacionados con la falta de bloqueo para la expresión regular de%0[ad] • https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858739 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858833 • CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting') •

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0

Unknown vulnerability in apt-cacher in Debian 3.1, related to "missing input sanitising," allows remote attackers to execute arbitrary commands on the caching server. Vulnerabilidad desconocida en apt-catcher en Debian 3.1 relacionada con "missing input sanitising", permite que atacantes remotos ejecuten código arbitrario en el servidor donde se cachea. • http://secunia.com/advisories/16327 http://www.debian.org/security/2005/dsa-772 http://www.securityfocus.com/bid/14459 https://exchange.xforce.ibmcloud.com/vulnerabilities/21664 •