cve-2019-16771
Vulnerability from cvelistv5
Published
2019-12-06 19:00
Modified
2024-08-05 01:24
Severity ?
4.8 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
Summary
Versions of Armeria 0.85.0 through and including 0.96.0 are vulnerable to HTTP response splitting, which allows remote attackers to inject arbitrary HTTP headers via CRLF sequences when unsanitized data is used to populate the headers of an HTTP response. This vulnerability has been patched in 0.97.0. Potential impacts of this vulnerability include cross-user defacement, cache poisoning, Cross-site scripting (XSS), and page hijacking.
References
security-advisories@github.comhttps://github.com/line/armeria/commit/b597f7a865a527a84ee3d6937075cfbb4470ed20Patch, Vendor Advisory
security-advisories@github.comhttps://github.com/line/armeria/security/advisories/GHSA-35fr-h7jr-hh86Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://github.com/line/armeria/commit/b597f7a865a527a84ee3d6937075cfbb4470ed20Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://github.com/line/armeria/security/advisories/GHSA-35fr-h7jr-hh86Mailing List, Third Party Advisory
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T01:24:48.270Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/line/armeria/security/advisories/GHSA-35fr-h7jr-hh86"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/line/armeria/commit/b597f7a865a527a84ee3d6937075cfbb4470ed20"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Armeria",
          "vendor": "LINE",
          "versions": [
            {
              "lessThan": "0.97.0",
              "status": "affected",
              "version": "\u003c 0.97.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Versions of Armeria 0.85.0 through and including 0.96.0 are vulnerable to HTTP response splitting, which allows remote attackers to inject arbitrary HTTP headers via CRLF sequences when unsanitized data is used to populate the headers of an HTTP response. This vulnerability has been patched in 0.97.0. Potential impacts of this vulnerability include cross-user defacement, cache poisoning, Cross-site scripting (XSS), and page hijacking."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-113",
              "description": "CWE-113 Improper Neutralization of CRLF Sequences in HTTP Headers (\u0027HTTP Response Splitting\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-12-11T14:46:09",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/line/armeria/security/advisories/GHSA-35fr-h7jr-hh86"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/line/armeria/commit/b597f7a865a527a84ee3d6937075cfbb4470ed20"
        }
      ],
      "source": {
        "advisory": "GHSA-35fr-h7jr-hh86",
        "discovery": "UNKNOWN"
      },
      "title": "Improper Neutralization of CRLF Sequences in HTTP Headers (\u0027HTTP Response Splitting\u0027) in Armeria",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security-advisories@github.com",
          "ID": "CVE-2019-16771",
          "STATE": "PUBLIC",
          "TITLE": "Improper Neutralization of CRLF Sequences in HTTP Headers (\u0027HTTP Response Splitting\u0027) in Armeria"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Armeria",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "\u003c 0.97.0",
                            "version_value": "0.97.0"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "LINE"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Versions of Armeria 0.85.0 through and including 0.96.0 are vulnerable to HTTP response splitting, which allows remote attackers to inject arbitrary HTTP headers via CRLF sequences when unsanitized data is used to populate the headers of an HTTP response. This vulnerability has been patched in 0.97.0. Potential impacts of this vulnerability include cross-user defacement, cache poisoning, Cross-site scripting (XSS), and page hijacking."
            }
          ]
        },
        "impact": {
          "cvss": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-113 Improper Neutralization of CRLF Sequences in HTTP Headers (\u0027HTTP Response Splitting\u0027)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/line/armeria/security/advisories/GHSA-35fr-h7jr-hh86",
              "refsource": "CONFIRM",
              "url": "https://github.com/line/armeria/security/advisories/GHSA-35fr-h7jr-hh86"
            },
            {
              "name": "https://github.com/line/armeria/commit/b597f7a865a527a84ee3d6937075cfbb4470ed20",
              "refsource": "MISC",
              "url": "https://github.com/line/armeria/commit/b597f7a865a527a84ee3d6937075cfbb4470ed20"
            }
          ]
        },
        "source": {
          "advisory": "GHSA-35fr-h7jr-hh86",
          "discovery": "UNKNOWN"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2019-16771",
    "datePublished": "2019-12-06T19:00:20",
    "dateReserved": "2019-09-24T00:00:00",
    "dateUpdated": "2024-08-05T01:24:48.270Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:linecorp:armeria:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"0.85.0\", \"versionEndExcluding\": \"0.97.0\", \"matchCriteriaId\": \"7BB9CCDB-7459-4457-878A-371BFCA21B38\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Versions of Armeria 0.85.0 through and including 0.96.0 are vulnerable to HTTP response splitting, which allows remote attackers to inject arbitrary HTTP headers via CRLF sequences when unsanitized data is used to populate the headers of an HTTP response. This vulnerability has been patched in 0.97.0. Potential impacts of this vulnerability include cross-user defacement, cache poisoning, Cross-site scripting (XSS), and page hijacking.\"}, {\"lang\": \"es\", \"value\": \"Las versiones 0.85.0 hasta la 0.96.0 incluy\\u00e9ndola de Armeria,  son vulnerables a una divisi\\u00f3n de la respuesta HTTP, lo que permite a atacantes remotos inyectar encabezados HTTP arbitrarios por medio de secuencias CRLF cuando datos no saneados son usados para llenar los encabezados de una respuesta HTTP. Esta vulnerabilidad ha sido parcheada en la versi\\u00f3n 0.97.0. Impactos potenciales de esta vulnerabilidad incluyen la desfiguraci\\u00f3n de usuarios cruzados, el envenenamiento de la cach\\u00e9, un ataque de tipo Cross-site scripting (XSS) y el secuestro de p\\u00e1ginas.\"}]",
      "id": "CVE-2019-16771",
      "lastModified": "2024-11-21T04:31:09.460",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"security-advisories@github.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N\", \"baseScore\": 4.8, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.2, \"impactScore\": 2.5}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N\", \"baseScore\": 6.5, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 2.5}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:P/A:N\", \"baseScore\": 5.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2019-12-06T19:15:10.787",
      "references": "[{\"url\": \"https://github.com/line/armeria/commit/b597f7a865a527a84ee3d6937075cfbb4470ed20\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://github.com/line/armeria/security/advisories/GHSA-35fr-h7jr-hh86\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/line/armeria/commit/b597f7a865a527a84ee3d6937075cfbb4470ed20\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://github.com/line/armeria/security/advisories/GHSA-35fr-h7jr-hh86\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}]",
      "sourceIdentifier": "security-advisories@github.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"security-advisories@github.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-113\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-74\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2019-16771\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2019-12-06T19:15:10.787\",\"lastModified\":\"2024-11-21T04:31:09.460\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Versions of Armeria 0.85.0 through and including 0.96.0 are vulnerable to HTTP response splitting, which allows remote attackers to inject arbitrary HTTP headers via CRLF sequences when unsanitized data is used to populate the headers of an HTTP response. This vulnerability has been patched in 0.97.0. Potential impacts of this vulnerability include cross-user defacement, cache poisoning, Cross-site scripting (XSS), and page hijacking.\"},{\"lang\":\"es\",\"value\":\"Las versiones 0.85.0 hasta la 0.96.0 incluy\u00e9ndola de Armeria,  son vulnerables a una divisi\u00f3n de la respuesta HTTP, lo que permite a atacantes remotos inyectar encabezados HTTP arbitrarios por medio de secuencias CRLF cuando datos no saneados son usados para llenar los encabezados de una respuesta HTTP. Esta vulnerabilidad ha sido parcheada en la versi\u00f3n 0.97.0. Impactos potenciales de esta vulnerabilidad incluyen la desfiguraci\u00f3n de usuarios cruzados, el envenenamiento de la cach\u00e9, un ataque de tipo Cross-site scripting (XSS) y el secuestro de p\u00e1ginas.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N\",\"baseScore\":4.8,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.2,\"impactScore\":2.5},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N\",\"baseScore\":6.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":2.5}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:P/A:N\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-113\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-74\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:linecorp:armeria:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"0.85.0\",\"versionEndExcluding\":\"0.97.0\",\"matchCriteriaId\":\"7BB9CCDB-7459-4457-878A-371BFCA21B38\"}]}]}],\"references\":[{\"url\":\"https://github.com/line/armeria/commit/b597f7a865a527a84ee3d6937075cfbb4470ed20\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://github.com/line/armeria/security/advisories/GHSA-35fr-h7jr-hh86\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/line/armeria/commit/b597f7a865a527a84ee3d6937075cfbb4470ed20\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://github.com/line/armeria/security/advisories/GHSA-35fr-h7jr-hh86\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.