apt-cacher prior to 1.7.15 and apt-cacher-ng prior to 3.4 allow HTTP response splitting via encoded newline characters, related to lack of blocking for the %0[ad] regular expression.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apt-cacher project apt-cacher |
||
apt-cacher-ng project apt-cacher-ng |