Back to bug 1306203

Who When What Removed Added
Adam Mariš 2016-02-10 10:24:42 UTC Blocks 1306204
Adam Mariš 2016-02-10 10:25:58 UTC Depends On 1306206
Adam Mariš 2016-02-10 10:26:06 UTC Depends On 1306207
Adam Mariš 2016-02-10 10:26:17 UTC Depends On 1306208
Ján Rusnačko 2016-02-13 10:28:19 UTC CC jrusnack
John Skeoch 2016-04-18 07:56:33 UTC CC yeylon srevivo
Perry Myers 2016-04-19 00:42:01 UTC CC pmyers
Cedric Buissart 2016-11-22 10:39:00 UTC CC cbuissar
Cedric Buissart 2016-11-22 14:48:27 UTC Whiteboard impact=moderate,public=20160209,reported=20160210,source=redhat,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,cwe=CWE-113,rhscl-2/nodejs010-nodejs=new,openstack-7-optools/nodejs=new,openshift-enterprise-3/nodejs=new,openshift-1/nodejs=affected,fedora-all/nodejs=affected,epel-all/nodejs=affected impact=moderate,public=20160209,reported=20160210,source=redhat,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,cwe=CWE-113,rhscl-2/nodejs010-nodejs=new,openstack-7-optools/nodejs=new,openshift-enterprise-3/nodejs=new,openshift-1/nodejs=affected,fedora-all/nodejs=affected,epel-all/nodejs=affected,rhscl-2/rh-nodejs4-nodejs=notaffected
Cedric Buissart 2016-11-22 14:48:46 UTC CC hhorak
Cedric Buissart 2016-11-22 16:57:55 UTC Whiteboard impact=moderate,public=20160209,reported=20160210,source=redhat,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,cwe=CWE-113,rhscl-2/nodejs010-nodejs=new,openstack-7-optools/nodejs=new,openshift-enterprise-3/nodejs=new,openshift-1/nodejs=affected,fedora-all/nodejs=affected,epel-all/nodejs=affected,rhscl-2/rh-nodejs4-nodejs=notaffected impact=moderate,public=20160209,reported=20160210,source=redhat,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,cwe=CWE-113,rhscl-2/nodejs010-nodejs=wontfix,openstack-7-optools/nodejs=new,openshift-enterprise-3/nodejs=new,openshift-1/nodejs=affected,fedora-all/nodejs=affected,epel-all/nodejs=affected,rhscl-2/rh-nodejs4-nodejs=notaffected
Cedric Buissart 2016-12-08 16:35:43 UTC Doc Text It was found that nodejs functions manipulating HTTP headers did not properly forbid invalid characters. An attacker with ability to temper with HTTP headers could use this flaw to inject a new-line, allowing a response splitting attack.
Eric Christensen 2016-12-09 14:52:04 UTC Doc Text It was found that nodejs functions manipulating HTTP headers did not properly forbid invalid characters. An attacker with ability to temper with HTTP headers could use this flaw to inject a new-line, allowing a response splitting attack. It was found that nodejs functions manipulating HTTP headers did not properly forbid invalid characters. An attacker with ability to tamper with HTTP headers could use this flaw to inject a new-line allowing a response splitting attack.
Cedric Buissart 2017-01-31 11:55:10 UTC CC abhgupta, dedgar, jgoulding, nodejs-sig, tdawson, tiwillia
Whiteboard impact=moderate,public=20160209,reported=20160210,source=redhat,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,cwe=CWE-113,rhscl-2/nodejs010-nodejs=wontfix,openstack-7-optools/nodejs=new,openshift-enterprise-3/nodejs=new,openshift-1/nodejs=affected,fedora-all/nodejs=affected,epel-all/nodejs=affected,rhscl-2/rh-nodejs4-nodejs=notaffected impact=moderate,public=20160209,reported=20160210,source=redhat,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,cwe=CWE-113,rhscl-2/nodejs010-nodejs=wontfix,openstack-7-optools/nodejs=new,openshift-enterprise-3/nodejs=new,openshift-1/nodejs=affected,fedora-all/nodejs=affected,epel-all/nodejs=affected,rhscl-2/rh-nodejs4-nodejs=notaffected,openshift-enterprise-2/nodejs010-nodejs=wontfix
Cedric Buissart 2017-01-31 14:03:45 UTC Whiteboard impact=moderate,public=20160209,reported=20160210,source=redhat,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,cwe=CWE-113,rhscl-2/nodejs010-nodejs=wontfix,openstack-7-optools/nodejs=new,openshift-enterprise-3/nodejs=new,openshift-1/nodejs=affected,fedora-all/nodejs=affected,epel-all/nodejs=affected,rhscl-2/rh-nodejs4-nodejs=notaffected,openshift-enterprise-2/nodejs010-nodejs=wontfix impact=moderate,public=20160209,reported=20160210,source=redhat,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,cwe=CWE-113,rhscl-2/nodejs010-nodejs=wontfix,openstack-7-optools/nodejs=new,openshift-enterprise-3/nodejs=affected,openshift-1/nodejs=affected,fedora-all/nodejs=affected,epel-all/nodejs=affected,rhscl-2/rh-nodejs4-nodejs=notaffected,openshift-enterprise-2/nodejs010-nodejs=wontfix
Cedric Buissart 2017-01-31 14:06:53 UTC Depends On 1417961
Cedric Buissart 2017-01-31 14:07:04 UTC Depends On 1417963
Cedric Buissart 2017-01-31 15:18:28 UTC Whiteboard impact=moderate,public=20160209,reported=20160210,source=redhat,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,cwe=CWE-113,rhscl-2/nodejs010-nodejs=wontfix,openstack-7-optools/nodejs=new,openshift-enterprise-3/nodejs=affected,openshift-1/nodejs=affected,fedora-all/nodejs=affected,epel-all/nodejs=affected,rhscl-2/rh-nodejs4-nodejs=notaffected,openshift-enterprise-2/nodejs010-nodejs=wontfix impact=moderate,public=20160209,reported=20160210,source=redhat,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,cwe=CWE-113,rhscl-2/nodejs010-nodejs=wontfix,openstack-7-optools/nodejs=new,openshift-enterprise-3/nodejs=affected,openshift-1/nodejs=affected,fedora-all/nodejs=affected,epel-all/nodejs=affected,rhscl-2/rh-nodejs4-nodejs=notaffected,openshift-enterprise-2/nodejs010-nodejs=wontfix,openstack-9-optools/nodejs=new
Cedric Buissart 2017-01-31 15:18:46 UTC CC cvsbot-xmlrpc, jjoyce, kbasil
Tim Suter 2017-02-14 04:58:22 UTC Whiteboard impact=moderate,public=20160209,reported=20160210,source=redhat,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,cwe=CWE-113,rhscl-2/nodejs010-nodejs=wontfix,openstack-7-optools/nodejs=new,openshift-enterprise-3/nodejs=affected,openshift-1/nodejs=affected,fedora-all/nodejs=affected,epel-all/nodejs=affected,rhscl-2/rh-nodejs4-nodejs=notaffected,openshift-enterprise-2/nodejs010-nodejs=wontfix,openstack-9-optools/nodejs=new impact=moderate,public=20160209,reported=20160210,source=redhat,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,cwe=CWE-113,rhscl-2/nodejs010-nodejs=wontfix,openshift-enterprise-3/nodejs=affected,openshift-1/nodejs=affected,fedora-all/nodejs=affected,epel-all/nodejs=affected,rhscl-2/rh-nodejs4-nodejs=notaffected,openshift-enterprise-2/nodejs010-nodejs=wontfix
PnT Account Manager 2018-01-30 23:56:06 UTC CC aortega
Jason Shepherd 2018-04-03 04:50:16 UTC CC ahardin, dbaker, mchappel
Whiteboard impact=moderate,public=20160209,reported=20160210,source=redhat,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,cwe=CWE-113,rhscl-2/nodejs010-nodejs=wontfix,openshift-enterprise-3/nodejs=affected,openshift-1/nodejs=affected,fedora-all/nodejs=affected,epel-all/nodejs=affected,rhscl-2/rh-nodejs4-nodejs=notaffected,openshift-enterprise-2/nodejs010-nodejs=wontfix impact=moderate,public=20160209,reported=20160210,source=redhat,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,cwe=CWE-113,rhscl-2/nodejs010-nodejs=wontfix,openshift-enterprise-3/nodejs=notaffected,openshift-1/nodejs=affected,fedora-all/nodejs=affected,epel-all/nodejs=affected,rhscl-2/rh-nodejs4-nodejs=notaffected,openshift-enterprise-2/nodejs010-nodejs=wontfix
PnT Account Manager 2018-06-29 22:07:11 UTC CC kseifried
Piotr Popieluch 2018-07-30 10:26:34 UTC CC piotr1212
Product Security DevOps Team 2019-09-29 13:44:17 UTC Whiteboard impact=moderate,public=20160209,reported=20160210,source=redhat,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,cwe=CWE-113,rhscl-2/nodejs010-nodejs=wontfix,openshift-enterprise-3/nodejs=notaffected,openshift-1/nodejs=affected,fedora-all/nodejs=affected,epel-all/nodejs=affected,rhscl-2/rh-nodejs4-nodejs=notaffected,openshift-enterprise-2/nodejs010-nodejs=wontfix
Ján Rusnačko 2020-03-04 11:39:51 UTC CC jrusnack
Jamie Nguyen 2020-05-13 10:10:21 UTC CC jamielinux
Product Security DevOps Team 2020-05-20 21:15:44 UTC Status NEW CLOSED
Resolution --- WONTFIX
Last Closed 2020-05-20 21:15:44 UTC

Back to bug 1306203