Lucene search
K

391 matches found

Tenable Nessus
Tenable Nessus
added 6 days ago10 views

SUSE SLES16 Security Update : perl-HTTP-Daemon (SUSE-SU-2026:22187-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2026:22187-1 advisory. This update for perl-HTTP-Daemon fixes the following issue - CVE-2026-8450: HTTP: Daemon versions before 6.17 for Perl allow OS command...

9.1CVSS5.9AI score0.01231EPSS
Exploits0References4
OSV
OSV
added 2026/06/20 6:49 a.m.2 views

SUSE-SU-2026:22187-1 Security update for perl-HTTP-Daemon

This update for perl-HTTP-Daemon fixes the following issue - CVE-2026-8450: HTTP: Daemon versions before 6.17 for Perl allow OS command injection via sendfile bsc1266370...

9.1CVSS5.8AI score0.01231EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/20 12:0 a.m.5 views

Fedora 43 : perl-HTTP-Daemon (2026-f276b2154e)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-f276b2154e advisory. Changes: 6.17 2026-05-19 23:11:06Z - Fix CVE-2026-8450 affects 6.15 and earlier: 2-arg open in sendfile enabled RCE / arbitrary file write / response-body...

9.1CVSS6AI score0.01231EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/20 12:0 a.m.5 views

SUSE SLES12 Security Update : perl-HTTP-Daemon (SUSE-SU-2026:2408-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2026:2408-1 advisory. - CVE-2026-8450: Fixed OS command injection via sendfile bsc1266370. Tenable has extracted the preceding description block directly from the SUSE...

9.1CVSS5.9AI score0.01231EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/20 12:0 a.m.5 views

Fedora 44 : perl-HTTP-Daemon (2026-8982379b5c)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-8982379b5c advisory. Changes: 6.17 2026-05-19 23:11:06Z - Fix CVE-2026-8450 affects 6.15 and earlier: 2-arg open in sendfile enabled RCE / arbitrary file write / response-body...

9.1CVSS6AI score0.01231EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/20 12:0 a.m.5 views

SUSE SLED15 / SLES15 Security Update : perl-HTTP-Daemon (SUSE-SU-2026:2442-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2026:2442-1 advisory. - CVE-2026-8450: Fixed OS command injection via sendfile bsc1266370. Tenable has extracted the preceding description...

9.1CVSS5.9AI score0.01231EPSS
Exploits0References4
Fedora
Fedora
added 2026/06/19 1:1 a.m.8 views

[SECURITY] Fedora 44 Update: perl-HTTP-Daemon-6.17-1.fc44

Instances of the HTTP::Daemon class are HTTP/1.1 servers that listen on a socket for incoming requests. The HTTP::Daemon is a subclass of IO::Socket::IP, so you can perform socket operations directly on it too...

9.1CVSS5.2AI score0.01231EPSS
Exploits0
OSV
OSV
added 2026/06/16 7:57 a.m.3 views

SUSE-SU-2026:2408-1 Security update for perl-HTTP-Daemon

This update for perl-HTTP-Daemon fixes the following issues: - CVE-2026-8450: Fixed OS command injection via sendfile bsc1266370...

9.1CVSS5.2AI score0.01231EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/11 12:0 a.m.13 views

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS : HTTP-Daemon vulnerability (USN-8419-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-8419-1 advisory. It was discovered that HTTP-Daemon incorrectly handled untrusted input under certa...

9.1CVSS6AI score0.01231EPSS
Exploits0References2
Amazon
Amazon
added 2026/06/08 12:0 a.m.11 views

Important: perl-HTTP-Daemon

Issue Overview: HTTP::Daemon versions before 6.17 for Perl allow OS command injection via sendfile. sendfile opens its string argument with Perl's 2-arg open. The 2-arg form interprets magic prefixes: '| cmd' and 'cmd |' open a pipe to a subprocess, ' path' and ' path' open the path for write or...

9.1CVSS5.5AI score0.01231EPSS
Exploits0
Amazon
Amazon
added 2026/06/08 12:0 a.m.12 views

Important: perl-HTTP-Daemon

Issue Overview: HTTP::Daemon versions before 6.17 for Perl allow OS command injection via sendfile. sendfile opens its string argument with Perl's 2-arg open. The 2-arg form interprets magic prefixes: '| cmd' and 'cmd |' open a pipe to a subprocess, ' path' and ' path' open the path for write or...

9.1CVSS5.5AI score0.01231EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/06/08 12:0 a.m.7 views

Amazon Linux 2023 : perl-HTTP-Daemon, perl-HTTP-Daemon-tests (ALAS2023-2026-1794)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1794 advisory. HTTP::Daemon versions before 6.17 for Perl allow OS command injection via sendfile. sendfile opens its string argument with Perl's 2-arg open. The 2-arg form interprets magic prefixes: '| cmd' and 'cmd...

9.1CVSS5.6AI score0.01231EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/06 6:42 a.m.12 views

CVE-2026-8450

A flaw was found in HTTP::Daemon, a Perl module used for creating HTTP servers. A remote attacker can exploit this vulnerability by providing specially crafted input to the sendfile function, leading to OS command injection. This allows the attacker to execute arbitrary commands on the system wit...

9.1CVSS6AI score0.01231EPSS
Exploits0References6
OPENSUSE Linux
OPENSUSE Linux
added 2026/06/06 12:0 a.m.6 views

perl-HTTP-Daemon-6.170.0-1.1 on GA media (moderate)

perl-HTTP-Daemon-6.170.0-1.1 on GA media Announcement ID: openSUSE-SU-2026:10938-1 Rating: moderate Cross-References: CVE-2026-8450 CVSS scores: CVE-2026-8450 SUSE : 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can...

8.1CVSS5.5AI score0.01231EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/02 12:0 a.m.14 views

PT-2026-45970

These are all security issues fixed in the perl-HTTP-Daemon-6.170.0-1.1 package on the GA media of openSUSE Tumbleweed...

9.1CVSS5.8AI score0.01231EPSS
Exploits0References2
OSV
OSV
added 2026/06/02 12:0 a.m.3 views

OPENSUSE-SU-2026:10938-1 perl-HTTP-Daemon-6.170.0-1.1 on GA media

These are all security issues fixed in the perl-HTTP-Daemon-6.170.0-1.1 package on the GA media of openSUSE Tumbleweed...

9.1CVSS5.8AI score0.01231EPSS
Exploits0References1
OSV
OSV
added 2026/05/29 5:12 a.m.12 views

MGASA-2026-0157 Updated perl-HTTP-Daemon package fixes a security vulnerability

The updated package fixes a security vulnerability: HTTP::Daemon versions before 6.17 for Perl allow OS command injection via sendfile. CVE-2026-8450...

9.1CVSS5.8AI score0.01231EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/05/27 10:58 a.m.10 views

SUSE CVE-2026-8450

HTTP::Daemon versions before 6.17 for Perl allow OS command injection via sendfile. sendfile opens its string argument with Perl's 2-arg open. The 2-arg form interprets magic prefixes: '| cmd' and 'cmd |' open a pipe to a subprocess, ' path' and ' path' open the path for write or append. Untruste...

8.1CVSS5.8AI score0.01231EPSS
Exploits0References6
NVD
NVD
added 2026/05/27 5:16 a.m.13 views

CVE-2026-8450

HTTP::Daemon versions before 6.17 for Perl allow OS command injection via sendfile. sendfile opens its string argument with Perl's 2-arg open. The 2-arg form interprets magic prefixes: '| cmd' and 'cmd |' open a pipe to a subprocess, ' path' and ' path' open the path for write or append. Untruste...

9.1CVSS0.01231EPSS
Exploits0References8
OSV
OSV
added 2026/05/27 5:16 a.m.6 views

UBUNTU-CVE-2026-8450

HTTP::Daemon versions before 6.17 for Perl allow OS command injection via sendfile. sendfile opens its string argument with Perl's 2-arg open. The 2-arg form interprets magic prefixes: '| cmd' and 'cmd |' open a pipe to a subprocess, ' path' and ' path' open the path for write or append. Untruste...

9.1CVSS5.8AI score0.01231EPSS
Exploits0References7
Rows per page
Query Builder