{"id":"CVE-2016-9964","details":"redirect() in bottle.py in bottle 0.12.10 does not filter \"\\r\\n\" sequences, which allows CRLF injection into HTTP response headers, as demonstrated by a redirect(\"233\\r\\nSet-Cookie: name=salt\") call.","aliases":["GHSA-j6f7-hghw-g437","PYSEC-2016-24"],"modified":"2026-04-16T06:21:01.087914269Z","published":"2016-12-16T09:59:00.373Z","related":["openSUSE-SU-2024:11220-1"],"references":[{"type":"ADVISORY","url":"http://www.debian.org/security/2016/dsa-3743"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/94961"},{"type":"FIX","url":"https://github.com/bottlepy/bottle/commit/6d7e13da0f998820800ecb3fe9ccee4189aefb54"},{"type":"FIX","url":"https://github.com/bottlepy/bottle/issues/913"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/bottlepy/bottle","events":[{"introduced":"0"},{"last_affected":"bed58709f565bdfd9765773320c3c6f1b2c78716"},{"fixed":"6d7e13da0f998820800ecb3fe9ccee4189aefb54"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"0.12.10"}]}}],"versions":["0.12.0","0.12.1","0.12.10","0.12.2","0.12.3","0.12.4","0.12.5","0.12.6","0.12.7","0.12.8","0.12.9","0.4.10","0.4.11","0.4.12","0.4.13","0.4.14","0.5.1","0.5.3","0.5.4","0.5.5","0.5.6","0.8.0"],"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"8.0"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-9964.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"}]}