[CKAN-Security] HTTP Response Splitting - Vulnerable module: WebOb
Adrià Mercader
adria.mercader at okfn.org
Mon Nov 19 13:18:12 UTC 2018
Hi Lukáš,
Thanks a lot for your report. We'll study it and get back to you as soon as
possible.
Best regards,
Adrià
On Mon, 19 Nov 2018 at 14:16, Lukáš Cígler <lukas.cigler at iseco.cz> wrote:
> Hello CKAN team,
>
> Testing with https://snyk.io utility I was able to find “HTTP Response
> Splitting“ vulnerability in your application.
> Vulnerable module: WebOb - Affecting webob package, versions [,1.6.0a0)
> https://snyk.io/test/github/ckan/ckan
>
> https://snyk.io/vuln/SNYK-PYTHON-WEBOB-40490
>
> Best Regards,
>
>
>
> *Lukáš Cígler*
>
> Senior Security Consultant
>
>
>
> *+420 776 142 266* <+420%20776%20142%20266> / lukas.cigler at iseco.cz /
> www.iseco.cz
>
> Bartůňkova 2349/3a, 149 00, Praha 4
>
>
>
>
>
>
>
>
> _______________________________________________
> CKAN security
> https://lists.okfn.org/mailman/listinfo/security
> https://lists.okfn.org/mailman/options/security/adria.mercader%40okfn.org
>
> Repo: https://github.com/ckan/ckan-security
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.okfn.org/mailman/private/security/attachments/20181119/c01355b1/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 8323 bytes
Desc: not available
URL: <https://lists.okfn.org/mailman/private/security/attachments/20181119/c01355b1/attachment-0002.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 8323 bytes
Desc: not available
URL: <https://lists.okfn.org/mailman/private/security/attachments/20181119/c01355b1/attachment-0003.png>
More information about the Security
mailing list