CVE-2026-8368 affecting package perl-libwww-perl for versions less than 6.83-1

CVE-2026-8368 affecting package perl-libwww-perl for versions less than 6.83-1. An upgraded version of the package is available that resolves this issue...

Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS : libwww-perl vulnerability (USN-8378-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-8378-1 advisory. It was discovered that libwww-perl incorrectly handled redirects. A remote attacker could possibly use this issue to obtain...

USN-8378-1: libwww-perl vulnerability

It was discovered that libwww-perl incorrectly handled redirects. A remote attacker could possibly use this issue to obtain sensitive information by causing Authorization headers to be sent to a different host...

USN-8378-1 libwww-perl vulnerability

It was discovered that libwww-perl incorrectly handled redirects. A remote attacker could possibly use this issue to obtain sensitive information by causing Authorization headers to be sent to a different host...

PT-2026-46109

It was discovered that libwww-perl incorrectly handled redirects. A remote attacker could possibly use this issue to obtain sensitive information by causing Authorization headers to be sent to a different host...

Fedora 44 : perl-libwww-perl (2026-8d1333fb52)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-8d1333fb52 advisory. Changes: 6.83 2026-05-12 11:41:48Z - LWP::UserAgent now strips Authorization and Proxy-Authorization headers on cross-origin redirects a different scheme,...

MGASA-2026-0150 Updated perl-libwww-perl & perl-HTTP-Message packages fix security vulnerabilities

LWP::UserAgent versions before 6.83 for Perl leak Authorization and Proxy-Authorization headers on cross-origin redirects...

perl-libwww-perl-6.830.0-1.1 on GA media (moderate)

perl-libwww-perl-6.830.0-1.1 on GA media Announcement ID: openSUSE-SU-2026:10781-1 Rating: moderate Cross-References: CVE-2026-8368 CVSS scores: CVE-2026-8368 SUSE : 5.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N CVE-2026-8368 SUSE : 6...

OPENSUSE-SU-2026:10781-1 perl-libwww-perl-6.830.0-1.1 on GA media

These are all security issues fixed in the perl-libwww-perl-6.830.0-1.1 package on the GA media of openSUSE Tumbleweed...

EUVD-2011-0651

Malware in sbrugna...

EUVD-2014-3246

Malware in sbrugna...

EUVD-2010-2265

Malware in sbrugna...

RHEL 4 : perl-libwww-perl (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 4 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - perl-libwww-perl: multiple HTTP client download filename vulnerability OCERT 2010-001 CVE-2010-2253 -...

RHEL 6 : perl-libwww-perl (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - perl-libwww-perl: multiple HTTP client download filename vulnerability OCERT 2010-001 CVE-2010-2253 -...

RHEL 3 : perl-libwww-perl (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 3 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - perl-libwww-perl: multiple HTTP client download filename vulnerability OCERT 2010-001 CVE-2010-2253 Note that Nessu...

RHEL 7 : perl-libwww-perl (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - perl-libwww-perl: incorrect handling of SSL certificate verification CVE-2014-3230 Note that Nessus has not tested...

RHEL 5 : perl-libwww-perl (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - perl-libwww-perl: multiple HTTP client download filename vulnerability OCERT 2010-001 CVE-2010-2253 -...

K34144932: libwww-perl vulnerability CVE-2014-3230

Security Advisory Description When libwww-perl LWP uses IO::Socket::SSL and when the HTTPSCADIR or HTTPSCAFILE environment variables are set, server certificate verification is disabled. CVE-2014-3230 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory...

SUSE CVE-2010-2253

lwp-download in libwww-perl before 5.835 does not reject downloads to filenames that begin with a . dot character, which allows remote servers to create or overwrite files via 1 a 3xx redirect to a URL with a crafted filename or 2 a Content-Disposition header that suggests a crafted filename, and...

SUSE CVE-2011-0633

The Net::HTTPS module in libwww-perl LWP before 6.00, as used in WWW::Mechanize, LWP::UserAgent, and other products, when running in environments that do not set the If-SSL-Cert-Subject header, does not enable full validation of SSL certificates by default, which allows remote attackers to spoof...