Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cpan vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-31486
HTTP::Tiny prior to 0.083, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates.
Http\\ \\ Tiny Project
Perl Perl
6.4
CVSSv2
CVE-2015-3406
The PGP signature parsing in Module::Signature prior to 0.74 allows remote malicious users to cause the unsigned portion of a SIGNATURE file to be treated as the signed portion via unspecified vectors.
Module-signature Project Module-signature
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 15.04
5
CVSSv2
CVE-2015-3407
Module::Signature prior to 0.74 allows remote malicious users to bypass signature verification for files via a signature file that does not list the files.
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 15.04
Module-signature Project Module-signature
10
CVSSv2
CVE-2015-3408
Module::Signature prior to 0.74 allows remote malicious users to execute arbitrary shell commands via a crafted SIGNATURE file which is not properly handled when generating checksums from a signed manifest.
Module-signature Project Module-signature
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 15.04
7.2
CVSSv2
CVE-2015-3409
Untrusted search path vulnerability in Module::Signature prior to 0.75 allows local users to gain privileges via a Trojan horse module under the current working directory, as demonstrated by a Trojan horse Text::Diff module.
Module-signature Project Module-signature
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 15.04
7.5
CVSSv2
CVE-2012-6329
The _compile function in Maketext.pm in the Locale::Maketext implementation in Perl prior to 5.17.7 does not properly handle backslashes and fully qualified method names during compilation of bracket notation, which allows context-dependent malicious users to execute arbitrary co...
Perl Perl 5.16.0
Perl Perl 5.14.3
Perl Perl 5.14.0
Perl Perl 5.13.2
Perl Perl 5.10.0
Perl Perl 5.12.0
Perl Perl 5.11.4
Perl Perl 5.11.2
Perl Perl 5.11.3
Perl Perl 5.12.3
Perl Perl
Perl Perl 5.16.1
Perl Perl 5.14.1
Perl Perl 5.13.0
Perl Perl 5.13.3
Perl Perl 5.11.0
Perl Perl 5.10
Perl Perl 5.12.1
Perl Perl 5.12.2
Perl Perl 5.10.1
Perl Perl 5.13.5
Perl Perl 5.13.4
2 EDB exploits
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2