Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
module-signature project module-signature vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2015-3406
The PGP signature parsing in Module::Signature prior to 0.74 allows remote malicious users to cause the unsigned portion of a SIGNATURE file to be treated as the signed portion via unspecified vectors.
Module-signature Project Module-signature
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 15.04
NA
CVE-2015-3407
Module::Signature prior to 0.74 allows remote malicious users to bypass signature verification for files via a signature file that does not list the files.
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 15.04
Module-signature Project Module-signature
NA
CVE-2015-3408
Module::Signature prior to 0.74 allows remote malicious users to execute arbitrary shell commands via a crafted SIGNATURE file which is not properly handled when generating checksums from a signed manifest.
Module-signature Project Module-signature
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 15.04
NA
CVE-2015-3409
Untrusted search path vulnerability in Module::Signature prior to 0.75 allows local users to gain privileges via a Trojan horse module under the current working directory, as demonstrated by a Trojan horse Text::Diff module.
Module-signature Project Module-signature
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 15.04
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started