Lucene search
K

13 matches found

Tenable Nessus
Tenable Nessus
added 2017/07/20 12:0 a.m.108 views

Oracle Enterprise Manager Grid Control Multiple Vulnerabilities (July 2017 CPU) (httpoxy)

The version of Oracle Enterprise Manager Grid Control installed on the remote host is missing a security patch. It is, therefore, affected by multiple vulnerabilities : - A flaw exists in the Bouncy Castle Java library due to improper validation of a point within the elliptic curve. An...

9.8CVSS7.7AI score0.55724EPSS
Exploits3References15
Tenable Nessus
Tenable Nessus
added 2016/03/25 12:0 a.m.26 views

openSUSE Security Update : perl (openSUSE-2016-386)

This update for perl fixes the following issues : - CVE-2016-2381: Fixed environment duplicated variable handling bug boo967082 - fix memory leak in 'use utf8' handling boo928292 - CVE-2015-8607: Fixed taint propagation in canonpath boo961528 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. T...

7.5CVSS6.9AI score0.09007EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2016/03/04 12:0 a.m.29 views

Fedora 23 : perl-PathTools-3.60-2.fc23 (2016-69e506e02d)

This release fixes CVE-2015-8607 losing taint flag in File::Spec::canonpath subroutine. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible witho...

7.5CVSS7.4AI score0.03124EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2016/03/04 12:0 a.m.27 views

Fedora 22 : perl-PathTools-3.47-312.fc22 (2016-4ca904238f)

This release fixes CVE-2015-8607 losing taint flag in File::Spec::canonpath subroutine. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible witho...

7.5CVSS7.4AI score0.03124EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2016/01/21 12:0 a.m.23 views

Mageia: Security Advisory (MGASA-2016-0027)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.3AI score0.03124EPSS
Exploits0References5
Mageia
Mageia
added 2016/01/20 5:53 p.m.33 views

Updated perl and perl-PathTools packages fix security vulnerability

It was reported that File::Spec::canonpath routine returns untainted strings even if passed tainted input. This defect undermines the guarantee of taint propagation, which is sometimes used to ensure that unvalidated user input does not reach sensitive code CVE-2015-8607...

7.5CVSS7.4AI score0.03124EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2016/01/15 12:0 a.m.18 views

Fedora Update for perl-PathTools FEDORA-2016-69

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.3AI score0.03124EPSS
Exploits0References2
OSV
OSV
added 2016/01/13 3:59 p.m.8 views

CVE-2015-8607

The canonpath function in the File::Spec module in PathTools before 3.62, as used in Perl, does not properly preserve the taint attribute of data, which might allow context-dependent attackers to bypass the taint protection mechanism via a crafted string...

7.3CVSS6.9AI score
Exploits0References13
CVE
CVE
added 2016/01/13 3:0 p.m.97 views

CVE-2015-8607

CVE-2015-8607 affects the Perl PathTools package, specifically the File::Spec::canonpath() function. The taint propagation bug can cause tainted input to be treated as untainted, potentially allowing unvalidated user data to reach sensitive code paths. The issue is observed in Perl environments u...

7.5CVSS6.8AI score0.03124EPSS
Exploits0References13Affected Software1
Tenable Nessus
Tenable Nessus
added 2016/01/12 12:0 a.m.36 views

Debian DSA-3441-1 : perl - security update

David Golden of MongoDB discovered that File::Spec::canonpath in Perl returned untainted strings even if passed tainted input. This defect undermines taint propagation, which is sometimes used to ensure that unvalidated user input does not reach sensitive code. The oldstable distribution wheezy i...

7.5CVSS7.4AI score0.03124EPSS
Exploits0References4
Debian
Debian
added 2016/01/11 3:47 p.m.43 views

[SECURITY] [DSA 3441-1] perl security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3441-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso January 11, 2016 https://www.debian.org/security/faq -...

7.5CVSS1.7AI score0.03124EPSS
Exploits0
Debian
Debian
added 2016/01/11 3:47 p.m.33 views

[SECURITY] [DSA 3441-1] perl security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3441-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso January 11, 2016 https://www.debian.org/security/faq -...

7.5CVSS7.1AI score0.03124EPSS
Exploits0
OpenVAS
OpenVAS
added 2016/01/11 12:0 a.m.27 views

Debian Security Advisory DSA 3441-1 (perl - security update)

David Golden of MongoDB discovered that File::Spec::canonpath in Perl returned untainted strings even if passed tainted input. This defect undermines taint propagation, which is sometimes used to ensure that unvalidated user input does not reach sensitive code. The oldstable distribution wheezy i...

7.5CVSS0.3AI score0.03124EPSS
Exploits0References1
Rows per page
Query Builder