Vulnerabilities > Simon Brown > Pebble > 1.7.2

DATE CVE VULNERABILITY TITLE RISK
2012-11-08 CVE-2012-4023 Improper Input Validation vulnerability in Simon Brown Pebble
CRLF injection vulnerability in Pebble before 2.6.4 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors. 		4.3
4.3
2012-11-08 CVE-2012-4022 Permissions, Privileges, and Access Controls vulnerability in Simon Brown Pebble
Pebble before 2.6.4 allows remote attackers to trigger loss of blog-entry viewability via a crafted comment.
network
low complexity
simon-brown CWE-264
6.4
6.4
2012-11-04 CVE-2012-5170 Improper Input Validation vulnerability in Simon Brown Pebble
Open redirect vulnerability in Pebble before 2.6.4 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. 		5.8
5.8
2009-02-25 CVE-2009-0736 Cross-Site Scripting vulnerability in Simon Brown Pebble
Cross-site scripting (XSS) vulnerability in Pebble before 2.3.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. 		4.3
4.3