Amazon Linux 2 : perl-Module-ScanDeps (ALAS-2025-2738)

The version of perl-Module-ScanDeps installed on the remote host is prior to 1.10-3. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2738 advisory. Qualys discovered that if unsanitized input was used with the library Modules::ScanDeps, before version 1.36 a local...

perl-Module-ScanDeps-1.370.0-1.1 on GA media (moderate)

perl-Module-ScanDeps-1.370.0-1.1 on GA media Announcement ID: openSUSE-SU-2025:14635-1 Rating: moderate Cross-References: CVE-2024-10224 Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can now be installed. Description: These are all security issues fixed in the...

OPENSUSE-SU-2025:14635-1 perl-Module-ScanDeps-1.370.0-1.1 on GA media

These are all security issues fixed in the perl-Module-ScanDeps-1.370.0-1.1 package on the GA media of openSUSE Tumbleweed...

Medium: perl-Module-ScanDeps

Issue Overview: Qualys discovered that if unsanitized input was used with the library Modules::ScanDeps, before version 1.36 a local attacker could possibly execute arbitrary shell commands by opening a "pesky pipe" such as passing "commands|" as a filename or by passing arbitrary strings to eval...

Medium: perl-Module-ScanDeps

Issue Overview: Qualys discovered that if unsanitized input was used with the library Modules::ScanDeps, before version 1.36 a local attacker could possibly execute arbitrary shell commands by opening a "pesky pipe" such as passing "commands|" as a filename or by passing arbitrary strings to eval...

PT-2024-36610 · Unknown · Graphics::Colornames

Name of the Vulnerable Software and Affected Versions: Graphics::ColorNames versions prior to 3.2.0 Description: The issue is related to an ambiguity between modules and filenames in the Graphics::ColorNames package for Perl, which can lead to HTML injection by an attacker who can create a file i...

OESA-2024-2496 perl-Module-ScanDeps security update

This module scans potential modules used by perl programs, and returns a hash reference; its keys are the module names as appears in %INC e.g. Test/More.pm; the values are hash references. Security Fixes: Qualys discovered that if unsanitized input was used with the library Modules::ScanDeps,...

Fedora 41 : perl-Module-ScanDeps (2024-c05ef21f1f)

The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-c05ef21f1f advisory. 1.37 - fix parsing of use if ... Fixes errors in PAR::Packer test t/90-rt59710.t - add test for parselibs 1.36 - Fix CVE-2024-10224: Unsanitized input leads ...

Fedora: Security Advisory (FEDORA-2024-8adf4a4b24)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 40 : perl-Module-ScanDeps (2024-8adf4a4b24)

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-8adf4a4b24 advisory. 1.37 - fix parsing of use if ... Fixes errors in PAR::Packer test t/90-rt59710.t - add test for parselibs 1.36 - Fix CVE-2024-10224: Unsanitized input leads ...

CBL Mariner 2.0 Security Update: perl-Module-ScanDeps (CVE-2024-10224)

The version of perl-Module-ScanDeps installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-10224 advisory. - Qualys discovered that if unsanitized input was used with the library Modules::ScanDeps, befor...

CVE-2024-10224 affecting package perl-Module-ScanDeps for versions less than 1.35-3

CVE-2024-10224 affecting package perl-Module-ScanDeps for versions less than 1.35-3. A patched version of the package is available...

CVE-2024-10224 affecting package perl-Module-ScanDeps for versions less than 1.35-2

CVE-2024-10224 affecting package perl-Module-ScanDeps for versions less than 1.35-2. A patched version of the package is available...

AZL-53397 CVE-2024-10224 affecting package perl-Module-ScanDeps for versions less than 1.35-3

Qualys discovered that if unsanitized input was used with the library Modules::ScanDeps, before version 1.36 a local attacker could possibly execute arbitrary shell commands by opening a "pesky pipe" such as passing "commands|" as a filename or by passing arbitrary strings to eval...

AZL-53394 CVE-2024-10224 affecting package perl-Module-ScanDeps for versions less than 1.35-2

Qualys discovered that if unsanitized input was used with the library Modules::ScanDeps, before version 1.36 a local attacker could possibly execute arbitrary shell commands by opening a "pesky pipe" such as passing "commands|" as a filename or by passing arbitrary strings to eval...

RHEL 7 : perl-module-signature (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - perl-Module-Signature: unsigned files interpreted as signed in some circumstances CVE-2015-3406 -...

OESA-2024-1517 perl-Mojolicious security update

Back in the early days of the web there was this wonderful Perl library called CGI, many people only learned Perl because of it. It was simple enough to get started without knowing much about the language and powerful enough to keep you going, learning by doing was much fun. While most of the...

MGASA-2024-0127 Updated perl-HTTP-Body packages fix security vulnerability

HTTP::Body::Multipart in the HTTP-Body 1.08, 1.17, and earlier module for Perl uses the part of the uploaded file's name after the first "." character as the suffix of a temporary file, which makes it easier for remote attackers to conduct attacks by leveraging subsequent behavior that may assume...

MGASA-2024-0117 Updated perl-Data-UUID packages fix security vulnerability

Perl module Data::UUID from CPAN version 1.219 is vulnerable to symlink attacks. CVE-2013-4184...

Updated perl-Data-UUID packages fix security vulnerability

Perl module Data::UUID from CPAN version 1.219 is vulnerable to symlink attacks. CVE-2013-4184...