13 matches found
EUVD-2026-32892
Plack::Middleware::Security::Common versions before 0.13.1 for Perl did not block header injections in request paths. The header injection rule was ineffective at blocking header injections in the request paths unless they were double-encoded, for example, GET /path\r\nHTTP/1.1\r\nHost:...
CVE-2026-7381 Plack::Middleware::XSendfile versions through 1.0053 for Perl can allow client-controlled path rewriting
Plack::Middleware::XSendfile versions through 1.0053 for Perl can allow client-controlled path rewriting. Plack::Middleware::XSendfile allows the variation setting sendfile type to be set by the client via the X-Sendfile-Type header, if it is not considered in the middleware constructor or the...
Fedora: Security Advisory (FEDORA-2025-ca07c36a0a)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2018-0428)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2014-0486)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : perl-Plack (openSUSE-SU-2014:1639-1)
This perl-Plack update fixes the following security issue : - bnc892328: trailing slashes removed leading to source code disclosure CVE-2014-5269 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Updat...
[ MDVSA-2014:235 ] perl-Plack
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2014:235 http://www.mandriva.com/en/support/security/ Package : perl-Plack Date : November 28, 2014 Affected: Business Server 1.0 Problem Description: Updated perl-Plack package fixes security vulnerability:...
Mandriva Linux Security Advisory : perl-Plack (MDVSA-2014:235)
Updated perl-Plack package fixes security vulnerability : Plack::App::File would previously strip trailing slashes off provided paths. This in combination with the common pattern of serving files with Plack::Middleware::Static could allow an attacker to bypass a whitelist of generated files...
MGASA-2014-0486 Updated perl-Plack package fixes security vulnerability
Plack::App::File would previously strip trailing slashes off provided paths. This in combination with the common pattern of serving files with Plack::Middleware::Static could allow an attacker to bypass a whitelist of generated files CVE-2014-5269...
Fedora Update for perl-Plack FEDORA-2014-9544
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 19 : perl-Plack-1.0031-1.fc19 (2014-9544)
---------------------------------------------------------------------- ---------- ChangeLog : - Fri Aug 8 2014 Ralf Corsepius - 1.0031-1 - Upstream update. - Thu Jan 16 2014 Ralf Corsepius - 1.0030-3 - Move misplaced %exclude-line from base-package to -Test. - Wed Jan 15 2014 Ralf Corsepius -...
Fedora 20 : perl-Plack-1.0031-1.fc20 (2014-9542)
---------------------------------------------------------------------- ---------- ChangeLog : - Fri Aug 8 2014 Ralf Corsepius - 1.0031-1 - Upstream update. - Thu Jan 16 2014 Ralf Corsepius - 1.0030-3 - Move misplaced %exclude-line from base-package to -Test. - Wed Jan 15 2014 Ralf Corsepius -...
Fedora Update for perl-Plack FEDORA-2014-9542
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...