14 matches found
Debian: Security Advisory (DLA-61-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2014-0486)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : perl-Plack (openSUSE-SU-2014:1639-1)
This perl-Plack update fixes the following security issue : - bnc892328: trailing slashes removed leading to source code disclosure CVE-2014-5269 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Updat...
[ MDVSA-2014:235 ] perl-Plack
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2014:235 http://www.mandriva.com/en/support/security/ Package : perl-Plack Date : November 28, 2014 Affected: Business Server 1.0 Problem Description: Updated perl-Plack package fixes security vulnerability:...
Mandriva Linux Security Advisory : perl-Plack (MDVSA-2014:235)
Updated perl-Plack package fixes security vulnerability : Plack::App::File would previously strip trailing slashes off provided paths. This in combination with the common pattern of serving files with Plack::Middleware::Static could allow an attacker to bypass a whitelist of generated files...
MGASA-2014-0486 Updated perl-Plack package fixes security vulnerability
Plack::App::File would previously strip trailing slashes off provided paths. This in combination with the common pattern of serving files with Plack::Middleware::Static could allow an attacker to bypass a whitelist of generated files CVE-2014-5269...
Updated perl-Plack package fixes security vulnerability
Plack::App::File would previously strip trailing slashes off provided paths. This in combination with the common pattern of serving files with Plack::Middleware::Static could allow an attacker to bypass a whitelist of generated files CVE-2014-5269...
[SECURITY] [DLA 61-1] libplack-perl security update
Package : libplack-perl Version : 0.9941-1+deb6u1 CVE ID : CVE-2014-5269 Apply fix for CVE-2014-5269: Plack::App::File would previously strip trailing slashes off provided paths. This could under specific circumstances lead to the unintended delivery of files. For details see...
CVE-2014-5269
Plack::App::File in Plack before 1.0031 removes trailing slash characters from paths, which allows remote attackers to bypass the whitelist of generated files and obtain sensitive information via a crafted path, related to Plack::Middleware::Static...
CVE-2014-5269
Plack::App::File in Plack before 1.0031 removes trailing slash characters from paths, which allows remote attackers to bypass the whitelist of generated files and obtain sensitive information via a crafted path, related to Plack::Middleware::Static...
CVE-2014-5269
CVE-2014-5269 affects Plack before 1.0031, specifically Plack::App::File. The flaw: trailing slashes are stripped from paths, which can bypass the whitelist used by Plack::Middleware::Static and lead to unintended delivery of sensitive files. The issue is documented in multiple advisories (Debian...
CVE-2014-5269
Plack::App::File in Plack before 1.0031 removes trailing slash characters from paths, which allows remote attackers to bypass the whitelist of generated files and obtain sensitive information via a crafted path, related to Plack::Middleware::Static...
Fedora Update for perl-Plack FEDORA-2014-9544
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for perl-Plack FEDORA-2014-9542
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...