Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
perl vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2021-47154
The Net::CIDR::Lite module prior to 0.22 for Perl does not properly consider extraneous zero characters at the beginning of an IP address string, which (in some situations) allows malicious users to bypass access control that is based on IP addresses.
NA
CVE-2021-47155
The Net::IPV4Addr module 0.10 for Perl does not properly consider extraneous zero characters in an IP address string, which (in some situations) allows malicious users to bypass access control that is based on IP addresses.
NA
CVE-2021-47157
The Kossy module prior to 0.60 for Perl allows JSON hijacking because of X-Requested-With mishandling.
NA
CVE-2021-47156
The Net::IPAddress::Util module prior to 5.000 for Perl does not properly consider extraneous zero characters in an IP address string, which (in some situations) allows malicious users to bypass access control that is based on IP addresses.
NA
CVE-2024-25021
IBM AIX 7.3, VIOS 4.1's Perl implementation could allow a non-privileged local user to exploit a vulnerability to execute arbitrary commands. IBM X-Force ID: 281320.
NA
CVE-2022-48623
The Cpanel::JSON::XS package prior to 4.33 for Perl performs out-of-bounds accesses in a way that allows malicious users to obtain sensitive information or cause a denial of service.
NA
CVE-2023-52431
The Plack::Middleware::XSRFBlock package prior to 0.0.19 for Perl allows malicious users to bypass a CSRF protection mechanism via an empty form value and an empty cookie (if signed cookies are disabled).
NA
CVE-2023-6078
An OS Command Injection vulnerability exists in BIOVIA Materials Studio products from Release BIOVIA 2021 through Release BIOVIA 2023. Upload of a specially crafted perl script can lead to arbitrary command execution.
3ds Biovia Materials Studio
NA
CVE-2024-23525
The Spreadsheet::ParseXLSX package prior to 0.30 for Perl allows XXE attacks because it neglects to use the no_xxe option of XML::Twig.
Tozt Spreadsheet\\ \\
NA
CVE-2024-22368
The Spreadsheet::ParseXLSX package prior to 0.28 for Perl can encounter an out-of-memory condition during parsing of a crafted XLSX document. This occurs because the memoize implementation does not have appropriate constraints on merged cells.
Tozt Spreadsheet\\ \\
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »