391 matches found
SUSE SLES16 Security Update : perl-HTTP-Daemon (SUSE-SU-2026:22187-1)
The remote SUSE Linux SLES16 / SLESSAP16 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2026:22187-1 advisory. This update for perl-HTTP-Daemon fixes the following issue - CVE-2026-8450: HTTP: Daemon versions before 6.17 for Perl allow OS command...
SUSE-SU-2026:22187-1 Security update for perl-HTTP-Daemon
This update for perl-HTTP-Daemon fixes the following issue - CVE-2026-8450: HTTP: Daemon versions before 6.17 for Perl allow OS command injection via sendfile bsc1266370...
Fedora 43 : perl-HTTP-Daemon (2026-f276b2154e)
The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-f276b2154e advisory. Changes: 6.17 2026-05-19 23:11:06Z - Fix CVE-2026-8450 affects 6.15 and earlier: 2-arg open in sendfile enabled RCE / arbitrary file write / response-body...
SUSE SLES12 Security Update : perl-HTTP-Daemon (SUSE-SU-2026:2408-1)
The remote SUSE Linux SLES12 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2026:2408-1 advisory. - CVE-2026-8450: Fixed OS command injection via sendfile bsc1266370. Tenable has extracted the preceding description block directly from the SUSE...
Fedora 44 : perl-HTTP-Daemon (2026-8982379b5c)
The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-8982379b5c advisory. Changes: 6.17 2026-05-19 23:11:06Z - Fix CVE-2026-8450 affects 6.15 and earlier: 2-arg open in sendfile enabled RCE / arbitrary file write / response-body...
SUSE SLED15 / SLES15 Security Update : perl-HTTP-Daemon (SUSE-SU-2026:2442-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2026:2442-1 advisory. - CVE-2026-8450: Fixed OS command injection via sendfile bsc1266370. Tenable has extracted the preceding description...
[SECURITY] Fedora 44 Update: perl-HTTP-Daemon-6.17-1.fc44
Instances of the HTTP::Daemon class are HTTP/1.1 servers that listen on a socket for incoming requests. The HTTP::Daemon is a subclass of IO::Socket::IP, so you can perform socket operations directly on it too...
SUSE-SU-2026:2408-1 Security update for perl-HTTP-Daemon
This update for perl-HTTP-Daemon fixes the following issues: - CVE-2026-8450: Fixed OS command injection via sendfile bsc1266370...
Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS : HTTP-Daemon vulnerability (USN-8419-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-8419-1 advisory. It was discovered that HTTP-Daemon incorrectly handled untrusted input under certa...
Important: perl-HTTP-Daemon
Issue Overview: HTTP::Daemon versions before 6.17 for Perl allow OS command injection via sendfile. sendfile opens its string argument with Perl's 2-arg open. The 2-arg form interprets magic prefixes: '| cmd' and 'cmd |' open a pipe to a subprocess, ' path' and ' path' open the path for write or...
Important: perl-HTTP-Daemon
Issue Overview: HTTP::Daemon versions before 6.17 for Perl allow OS command injection via sendfile. sendfile opens its string argument with Perl's 2-arg open. The 2-arg form interprets magic prefixes: '| cmd' and 'cmd |' open a pipe to a subprocess, ' path' and ' path' open the path for write or...
Amazon Linux 2023 : perl-HTTP-Daemon, perl-HTTP-Daemon-tests (ALAS2023-2026-1794)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1794 advisory. HTTP::Daemon versions before 6.17 for Perl allow OS command injection via sendfile. sendfile opens its string argument with Perl's 2-arg open. The 2-arg form interprets magic prefixes: '| cmd' and 'cmd...
CVE-2026-8450
A flaw was found in HTTP::Daemon, a Perl module used for creating HTTP servers. A remote attacker can exploit this vulnerability by providing specially crafted input to the sendfile function, leading to OS command injection. This allows the attacker to execute arbitrary commands on the system wit...
perl-HTTP-Daemon-6.170.0-1.1 on GA media (moderate)
perl-HTTP-Daemon-6.170.0-1.1 on GA media Announcement ID: openSUSE-SU-2026:10938-1 Rating: moderate Cross-References: CVE-2026-8450 CVSS scores: CVE-2026-8450 SUSE : 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can...
PT-2026-45970
These are all security issues fixed in the perl-HTTP-Daemon-6.170.0-1.1 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2026:10938-1 perl-HTTP-Daemon-6.170.0-1.1 on GA media
These are all security issues fixed in the perl-HTTP-Daemon-6.170.0-1.1 package on the GA media of openSUSE Tumbleweed...
MGASA-2026-0157 Updated perl-HTTP-Daemon package fixes a security vulnerability
The updated package fixes a security vulnerability: HTTP::Daemon versions before 6.17 for Perl allow OS command injection via sendfile. CVE-2026-8450...
SUSE CVE-2026-8450
HTTP::Daemon versions before 6.17 for Perl allow OS command injection via sendfile. sendfile opens its string argument with Perl's 2-arg open. The 2-arg form interprets magic prefixes: '| cmd' and 'cmd |' open a pipe to a subprocess, ' path' and ' path' open the path for write or append. Untruste...
CVE-2026-8450
HTTP::Daemon versions before 6.17 for Perl allow OS command injection via sendfile. sendfile opens its string argument with Perl's 2-arg open. The 2-arg form interprets magic prefixes: '| cmd' and 'cmd |' open a pipe to a subprocess, ' path' and ' path' open the path for write or append. Untruste...
UBUNTU-CVE-2026-8450
HTTP::Daemon versions before 6.17 for Perl allow OS command injection via sendfile. sendfile opens its string argument with Perl's 2-arg open. The 2-arg form interprets magic prefixes: '| cmd' and 'cmd |' open a pipe to a subprocess, ' path' and ' path' open the path for write or append. Untruste...