Search CVE reports
1 – 10 of 309 results
Catalyst::Plugin::Authentication versions before 0.10_027 for Perl is susceptible to session fixation attacks. Catalyst::Plugin::Authentication does not automatically change the session id after authentication. An attacker that...
1 affected package
libcatalyst-plugin-authentication-perl
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| libcatalyst-plugin-authentication-perl | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
[Unknown description]
1 affected package
libdbi-perl
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| libdbi-perl | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
DBI versions before 1.648 for Perl have a heap overflow when preparsing SQL statements with more than 9 binders. The preparse method expands SQL placeholder characters to numbered binders of the form :pN, but only allocates three...
1 affected package
libdbi-perl
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| libdbi-perl | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
Protocol::HTTP2 versions through 1.12 for Perl is vulnerable to a HTTP/2 Bomb. Protocol::HTTP2's inbound HPACK path has no header-list size limit, so a small HTTP/2 request can expand into large server memory (the...
1 affected package
libprotocol-http2-perl
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| libprotocol-http2-perl | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
[Unknown description]
1 affected package
libhtml-gumbo-perl
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| libhtml-gumbo-perl | Not affected | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
(Net::Statsd versions before 0.13 for Perl allow metric injections. Th ...)
1 affected package
libnet-statsd-perl
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| libnet-statsd-perl | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
HTML::Entities versions before 3.84 for Perl read freed heap memory in _decode_entities. The XS routine backing HTML::Entities::_decode_entities cached a pointer (repl) into the entity-value SV returned by hv_fetch on the...
1 affected package
libhtml-parser-perl
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| libhtml-parser-perl | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
[Unknown description]
1 affected package
libnet-cidr-set-perl
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| libnet-cidr-set-perl | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | — |
[Unknown description]
1 affected package
libnet-cidr-set-perl
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| libnet-cidr-set-perl | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | — |
[Unknown description]
1 affected package
libnet-cidr-set-perl
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| libnet-cidr-set-perl | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | — |