162 matches found
Medium: perl-HTTP-Tiny
Issue Overview: HTTP::Tiny versions before 0.093 for Perl do not validate CRLF in HTTP request lines or control field header values. The unvalidated inputs are the method and URI in the request line, the URL host that becomes the Host: header, and HTTP/1.1 control data field values. An attacker w...
Fedora 43 : perl-HTTP-Tiny (2026-3bfb774625)
The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-3bfb774625 advisory. 0.094 - fix to prevent invalid characters in all headers, and prevent header smuggling CVE-2026-7010 Tenable has extracted the preceding description block...
[SECURITY] Fedora 44 Update: perl-HTTP-Tiny-0.094-1.fc44
This is a very simple HTTP/1.1 client, designed for doing simple GET requests without the overhead of a large framework like LWP::UserAgent. It is more correct and more complete than HTTP::Lite. It supports proxies currently only non-authenticating ones and redirection. It also correctly resumes...
Fedora 44 : perl-HTTP-Tiny (2026-703a749924)
The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-703a749924 advisory. 0.094 - fix to prevent invalid characters in all headers, and prevent header smuggling CVE-2026-7010 Tenable has extracted the preceding description block...
openSUSE 16 Security Update : perl-HTTP-Tiny (openSUSE-SU-2026:20792-1)
The remote openSUSE 16 host has a package installed that is affected by a vulnerability as referenced in the openSUSE- SU-2026:20792-1 advisory. Changes in perl-HTTP-Tiny: - updated to 0.094 0.094 - No changes from 0.093-TRIAL 0.093 - fix to prevent invalid characters in all headers, and prevent...
OPENSUSE-SU-2026:20792-1 Security update for perl-HTTP-Tiny
This update for perl-HTTP-Tiny fixes the following issues: Changes in perl-HTTP-Tiny: - updated to 0.094 0.094 - No changes from 0.093-TRIAL 0.093 - fix to prevent invalid characters in all headers, and prevent header smuggling CVE-2026-7010 bsc1264992 - updated to 0.092 0.092 - No changes from...
OESA-2026-2374 perl-HTTP-Tiny security update
This is a very simple HTTP/1.1 client, designed for doing simple requests without the overhead of a large framework like LWP::UserAgent. Security Fixes: HTTP::Tiny versions before 0.093 for Perl do not validate CRLF in HTTP request lines or control field header values. The unvalidated inputs are...
Astra Linux - уязвимость в perl
HTTP::Tiny, a Perl core module since version 5.13.9 and available as a standalone package on CPAN, has an insecure default TLS configuration. In this configuration, users are required to explicitly choose to verify certificates...
perl-HTTP-Tiny-0.094-1.1 on GA media (moderate)
perl-HTTP-Tiny-0.094-1.1 on GA media Announcement ID: openSUSE-SU-2026:10805-1 Rating: moderate Cross-References: CVE-2026-7010 Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can now be installed. Description: These are all security issues fixed in the...
MGASA-2026-0140 Updated perl-HTTP-Tiny packages fix security vulnerability
HTTP::Tiny versions before 0.093 for Perl do not validate CRLF in HTTP request lines or control field header values. CVE-2026-7010...
Updated perl-HTTP-Tiny packages fix security vulnerability
HTTP::Tiny versions before 0.093 for Perl do not validate CRLF in HTTP request lines or control field header values. CVE-2026-7010...
SUSE CVE-2026-7010
HTTP::Tiny versions before 0.093 for Perl do not validate CRLF in HTTP request lines or control field header values. The unvalidated inputs are the method and URI in the request line, the URL host that becomes the Host: header, and HTTP/1.1 control data field values. An attacker who controls one ...
Linux Distros Unpatched Vulnerability : CVE-2026-7010
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HTTP::Tiny versions before 0.093 for Perl do not validate CRLF in HTTP request lines or control field header values. The unvalidated inputs are the method and U...
DEBIAN-CVE-2026-7010
HTTP::Tiny versions before 0.093 for Perl do not validate CRLF in HTTP request lines or control field header values. The unvalidated inputs are the method and URI in the request line, the URL host that becomes the Host: header, and HTTP/1.1 control data field values. An attacker who controls one ...
CVE-2026-7010 HTTP::Tiny versions before 0.093 for Perl do not validate CRLF in HTTP request lines or control field header values
HTTP::Tiny versions before 0.093 for Perl do not validate CRLF in HTTP request lines or control field header values. The unvalidated inputs are the method and URI in the request line, the URL host that becomes the Host: header, and HTTP/1.1 control data field values. An attacker who controls one ...
PT-2026-39866
Name of the Vulnerable Software and Affected Versions HTTP::Tiny versions prior to 0.093 Description Perl HTTP::Tiny fails to validate CRLF Carriage Return Line Feed sequences in HTTP request lines or control field header values. The issue involves unvalidated inputs including the method and URI ...
CLSA-2026-1776788664 perl: Fix of CVE-2023-31486
CVE-2023-31486: add verifySSL=1 to HTTP::Tiny default configuration...
MiracleLinux 9 : perl-HTTP-Tiny-0.076-461.el9 (AXSA:2023-6649:01)
The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2023-6649:01 advisory. http-tiny: insecure TLS cert default CVE-2023-31486 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory...
MiracleLinux 8 : perl-HTTP-Tiny-0.074-2.el8 (AXSA:2023-7126:02)
The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2023-7126:02 advisory. http-tiny: insecure TLS cert default CVE-2023-31486 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory...
MiracleLinux 7 : perl-HTTP-Tiny-0.033-3.0.1.el7.AXS7 (AXSA:2025-10975:01)
The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2025-10975:01 advisory. CVE-2023-31486: fix insecure default TLS configuration Enable automated tests during build CVEs: CVE-2023-31486 HTTP::Tiny before 0.083, a Perl core module...