7 matches found
CVE-2026-13410
Dancer::Plugin::Auth::Google versions through 0.07 for Perl have TLS verification disabled. The default user agent is initialised with SSLverifymode explicitly disabled. An attacker with network man-in-the-middle MITM capability between the Dancer application and googleapis.com can intercept the...
CVE-2026-12746
CVE-2026-12746 affects Dancer2::Plugin::Auth::OAuth::Provider versions before 0.23 (Perl). The underlying issue is that the OAuth 2.0 state parameter is not supported, causing the authentication_url to redirect without a state value and the callback to process the response without binding it to t...
EUVD-2019-1832
Malware in sbrugna...
CVE-2019-1010084
Dancer::Plugin::SimpleCRUD 1.14 and earlier is affected by: Incorrect Access Control. The impact is: Potential for unathorised access to data. The component is: Incorrect calls to ensureauth wrapper result in authentication-checking not being applied to al routes...
CVE-2019-1010084
Dancer::Plugin::SimpleCRUD 1.14 and earlier is affected by: Incorrect Access Control. The impact is: Potential for unathorised access to data. The component is: Incorrect calls to ensureauth wrapper result in authentication-checking not being applied to al routes...
CVE-2019-1010084
Dancer::Plugin::SimpleCRUD 1.14 and earlier is affected by: Incorrect Access Control. The impact is: Potential for unathorised access to data. The component is: Incorrect calls to ensureauth wrapper result in authentication-checking not being applied to al routes...
CVE-2019-1010084
Dancer::Plugin::SimpleCRUD 1.14 and earlier is affected by: Incorrect Access Control. The impact is: Potential for unathorised access to data. The component is: Incorrect calls to ensureauth wrapper result in authentication-checking not being applied to al routes...