
CVE-2018-1000164:
Gunicorn contains Improper Neutralization of CRLF sequences in HTTP headers

CVSS Score: 7.5

Basic Information

EPSS Score: -
Published: 7/12/2018
Updated: 9/20/2024
KEV Status: No
Technology: Python

Technical Details

CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Package Name: gunicorn
Ecosystem: pip
Vulnerable Versions: < 19.5.0
First Patched Version: 19.5.0

Vulnerability Intelligence

Miggo AI Root Cause Analysis

  1. The vulnerability description explicitly names 'process_headers' in 'gunicorn/http/wsgi.py' as the vulnerable function.
  2. Multiple authoritative sources (CVE, GHSA, Debian/Ubuntu security notices) confirm this function's role in header processing vulnerabilities.
  3. The CWE-93 classification directly maps to improper CRLF neutralization in HTTP headers.
  4. The issue #1227 in benoitc/gunicorn demonstrates practical exploitation scenarios involving CRLF injection through header manipulation.
  5. The patch in version 19.5.0 would logically target this specific header processing function.
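The root cause above is CWE-93: a response header value that reaches the wire unchecked can carry a CR/LF pair and so terminate one header line and begin another. The following Python is an added illustration written for this page, not gunicorn's own process_headers code: it puts a naive serializer that copies values verbatim next to a checked one that rejects CR, LF and NUL in values and non-token characters in names (the InvalidHeader class, the regexes and the sample headers are constructed for the example).

```python
import re

# Hypothetical validation rules, not gunicorn's implementation:
# CR, LF and NUL are never legitimate inside an HTTP/1.1 header value,
# and header names are restricted to RFC 7230 "token" characters.
_FORBIDDEN_IN_VALUE = re.compile(r"[\r\n\x00]")
_TOKEN = re.compile(r"^[!#$%&'*+\-.^_`|~0-9A-Za-z]+$")


class InvalidHeader(ValueError):
    """Raised when a header name or value could split the response on the wire."""


def check_header(name, value):
    """Reject any header that would not survive serialization as a single line."""
    if not isinstance(name, str) or not isinstance(value, str):
        raise InvalidHeader("header name and value must be str")
    if not _TOKEN.match(name):
        raise InvalidHeader(f"invalid header name: {name!r}")
    if _FORBIDDEN_IN_VALUE.search(value):
        raise InvalidHeader(f"CR/LF/NUL in value of header {name!r}")


def serialize_headers_unchecked(status, headers):
    """Weak form: values are copied verbatim, so a value containing "\\r\\n"
    turns into an additional header line that the client will honour."""
    lines = [f"HTTP/1.1 {status}"] + [f"{k}: {v}" for k, v in headers]
    return "\r\n".join(lines) + "\r\n\r\n"


def serialize_headers(status, headers):
    """Hardened form: every header is validated before it is written."""
    for name, value in headers:
        check_header(name, value)
    return serialize_headers_unchecked(status, headers)


def count_header_lines(raw):
    """Number of header lines (excluding the status line) a client would parse."""
    head = raw.split("\r\n\r\n", 1)[0]
    return len(head.split("\r\n")) - 1


def rejects(status, headers):
    """True if the hardened serializer refuses this header set."""
    try:
        serialize_headers(status, headers)
    except InvalidHeader:
        return True
    return False


# Constructed sample: a redirect target copied from untrusted input that
# smuggles a second header after a CRLF pair.
TAINTED = [("Content-Type", "text/plain"),
           ("Location", "/next\r\nX-Injected: 1")]
CLEAN = [("Content-Type", "text/plain"), ("Location", "/next")]

if __name__ == "__main__":
    # The unchecked serializer emits three header lines for two headers.
    print(count_header_lines(serialize_headers_unchecked("302 Found", TAINTED)))
    print(rejects("302 Found", TAINTED))   # True: the checked path refuses it
    print(count_header_lines(serialize_headers("302 Found", CLEAN)))
```

The detection point is the count: two application headers producing three wire lines is exactly the split CWE-93 describes, and the check that prevents it belongs where headers are written, before any formatting, rather than in application code that may never see the tainted value.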


WAF Protection Rules

WAF Rule

Gunicorn versions before 19.5.0 contain a CWE-93: Improper Neutralization of CRLF Sequences in HTTP Headers vulnerability in the "process_headers" function in "gunicorn/http/wsgi.py" that can result in an attacker causing the server to return arbitrary HTTP …
