Linux Distros Unpatched Vulnerability : CVE-2016-9646

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ikiwiki before 3.20161229 incorrectly called the CGI::FormBuilder-field method similar to the CGI-param API that led to Bugzilla's CVE-2014-1572, which can be...

CVE-2017-0356

A flaw, similar to to CVE-2016-9646, exists in ikiwiki before 3.20170111, in the passwordauth plugin's use of CGI::FormBuilder, allowing an attacker to bypass authentication via repeated parameters...