Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
perl vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2021-47156
The Net::IPAddress::Util module prior to 5.000 for Perl does not properly consider extraneous zero characters in an IP address string, which (in some situations) allows malicious users to bypass access control that is based on IP addresses.
NA
CVE-2021-47157
The Kossy module prior to 0.60 for Perl allows JSON hijacking because of X-Requested-With mishandling.
NA
CVE-2021-47154
The Net::CIDR::Lite module prior to 0.22 for Perl does not properly consider extraneous zero characters at the beginning of an IP address string, which (in some situations) allows malicious users to bypass access control that is based on IP addresses.
NA
CVE-2021-47155
The Net::IPV4Addr module 0.10 for Perl does not properly consider extraneous zero characters in an IP address string, which (in some situations) allows malicious users to bypass access control that is based on IP addresses.
NA
CVE-2018-25099
In the CryptX module prior to 0.062 for Perl, gcm_decrypt_verify() and chacha20poly1305_decrypt_verify() do not verify the tag.
NA
CVE-2024-25021
IBM AIX 7.3, VIOS 4.1's Perl implementation could allow a non-privileged local user to exploit a vulnerability to execute arbitrary commands. IBM X-Force ID: 281320.
NA
CVE-2023-52431
The Plack::Middleware::XSRFBlock package prior to 0.0.19 for Perl allows malicious users to bypass a CSRF protection mechanism via an empty form value and an empty cookie (if signed cookies are disabled).
NA
CVE-2022-48623
The Cpanel::JSON::XS package prior to 4.33 for Perl performs out-of-bounds accesses in a way that allows malicious users to obtain sensitive information or cause a denial of service.
NA
CVE-2023-6078
An OS Command Injection vulnerability exists in BIOVIA Materials Studio products from Release BIOVIA 2021 through Release BIOVIA 2023. Upload of a specially crafted perl script can lead to arbitrary command execution.
3ds Biovia Materials Studio
NA
CVE-2024-23525
The Spreadsheet::ParseXLSX package prior to 0.30 for Perl allows XXE attacks because it neglects to use the no_xxe option of XML::Twig.
Tozt Spreadsheet\\ \\
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »