VYPR
Get started
← All advisories
Unrated severityNVD Advisory· Published May 3, 2011· Updated Apr 29, 2026

CVE-2010-4802

CVE-2010-4802

Description

Commands.pm in Mojolicious before 0.999928 does not properly perform CGI environment detection, which has unspecified impact and remote attack vectors.

Affected products

59
  • Mojolicious/Mojolicious59 versions
    cpe:2.3:a:mojolicious:mojolicious:*:*:*:*:*:*:*:*+ 58 more
    • cpe:2.3:a:mojolicious:mojolicious:*:*:*:*:*:*:*:*range: <=0.999927
    • cpe:2.3:a:mojolicious:mojolicious:0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:mojolicious:mojolicious:0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:mojolicious:mojolicious:0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:mojolicious:mojolicious:0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:mojolicious:mojolicious:0.6:*:*:*:*:*:*:*
    • cpe:2.3:a:mojolicious:mojolicious:0.7:*:*:*:*:*:*:*
    • cpe:2.3:a:mojolicious:mojolicious:0.8:*:*:*:*:*:*:*
    • cpe:2.3:a:mojolicious:mojolicious:0.8006:*:*:*:*:*:*:*
    • cpe:2.3:a:mojolicious:mojolicious:0.8007:*:*:*:*:*:*:*
    • cpe:2.3:a:mojolicious:mojolicious:0.8008:*:*:*:*:*:*:*
    • cpe:2.3:a:mojolicious:mojolicious:0.8009:*:*:*:*:*:*:*
    • cpe:2.3:a:mojolicious:mojolicious:0.8.1:*:*:*:*:*:*:*
    • cpe:2.3:a:mojolicious:mojolicious:0.8.2:*:*:*:*:*:*:*
    • cpe:2.3:a:mojolicious:mojolicious:0.8.3:*:*:*:*:*:*:*
    • cpe:2.3:a:mojolicious:mojolicious:0.8.4:*:*:*:*:*:*:*
    • cpe:2.3:a:mojolicious:mojolicious:0.8.5:*:*:*:*:*:*:*
    • cpe:2.3:a:mojolicious:mojolicious:0.9:*:*:*:*:*:*:*
    • cpe:2.3:a:mojolicious:mojolicious:0.9001:*:*:*:*:*:*:*
    • cpe:2.3:a:mojolicious:mojolicious:0.9002:*:*:*:*:*:*:*
    • cpe:2.3:a:mojolicious:mojolicious:0.991231:*:*:*:*:*:*:*
    • cpe:2.3:a:mojolicious:mojolicious:0.991232:*:*:*:*:*:*:*
    • cpe:2.3:a:mojolicious:mojolicious:0.991233:*:*:*:*:*:*:*
    • cpe:2.3:a:mojolicious:mojolicious:0.991234:*:*:*:*:*:*:*
    • cpe:2.3:a:mojolicious:mojolicious:0.991235:*:*:*:*:*:*:*
    • cpe:2.3:a:mojolicious:mojolicious:0.991236:*:*:*:*:*:*:*
    • cpe:2.3:a:mojolicious:mojolicious:0.991237:*:*:*:*:*:*:*
    • cpe:2.3:a:mojolicious:mojolicious:0.991238:*:*:*:*:*:*:*
    • cpe:2.3:a:mojolicious:mojolicious:0.991239:*:*:*:*:*:*:*
    • cpe:2.3:a:mojolicious:mojolicious:0.991240:*:*:*:*:*:*:*
    • cpe:2.3:a:mojolicious:mojolicious:0.991241:*:*:*:*:*:*:*
    • cpe:2.3:a:mojolicious:mojolicious:0.991242:*:*:*:*:*:*:*
    • cpe:2.3:a:mojolicious:mojolicious:0.991243:*:*:*:*:*:*:*
    • cpe:2.3:a:mojolicious:mojolicious:0.991244:*:*:*:*:*:*:*
    • cpe:2.3:a:mojolicious:mojolicious:0.991245:*:*:*:*:*:*:*
    • cpe:2.3:a:mojolicious:mojolicious:0.991246:*:*:*:*:*:*:*
    • cpe:2.3:a:mojolicious:mojolicious:0.991250:*:*:*:*:*:*:*
    • cpe:2.3:a:mojolicious:mojolicious:0.991251:*:*:*:*:*:*:*
    • cpe:2.3:a:mojolicious:mojolicious:0.999901:*:*:*:*:*:*:*
    • cpe:2.3:a:mojolicious:mojolicious:0.999902:*:*:*:*:*:*:*
    • cpe:2.3:a:mojolicious:mojolicious:0.999903:*:*:*:*:*:*:*
    • cpe:2.3:a:mojolicious:mojolicious:0.999904:*:*:*:*:*:*:*
    • cpe:2.3:a:mojolicious:mojolicious:0.999905:*:*:*:*:*:*:*
    • cpe:2.3:a:mojolicious:mojolicious:0.999906:*:*:*:*:*:*:*
    • cpe:2.3:a:mojolicious:mojolicious:0.999907:*:*:*:*:*:*:*
    • cpe:2.3:a:mojolicious:mojolicious:0.999908:*:*:*:*:*:*:*
    • cpe:2.3:a:mojolicious:mojolicious:0.999909:*:*:*:*:*:*:*
    • cpe:2.3:a:mojolicious:mojolicious:0.999910:*:*:*:*:*:*:*
    • cpe:2.3:a:mojolicious:mojolicious:0.999911:*:*:*:*:*:*:*
    • cpe:2.3:a:mojolicious:mojolicious:0.999912:*:*:*:*:*:*:*
    • cpe:2.3:a:mojolicious:mojolicious:0.999913:*:*:*:*:*:*:*
    • cpe:2.3:a:mojolicious:mojolicious:0.999914:*:*:*:*:*:*:*
    • cpe:2.3:a:mojolicious:mojolicious:0.999920:*:*:*:*:*:*:*
    • cpe:2.3:a:mojolicious:mojolicious:0.999921:*:*:*:*:*:*:*
    • cpe:2.3:a:mojolicious:mojolicious:0.999922:*:*:*:*:*:*:*
    • cpe:2.3:a:mojolicious:mojolicious:0.999923:*:*:*:*:*:*:*
    • cpe:2.3:a:mojolicious:mojolicious:0.999924:*:*:*:*:*:*:*
    • cpe:2.3:a:mojolicious:mojolicious:0.999925:*:*:*:*:*:*:*
    • cpe:2.3:a:mojolicious:mojolicious:0.999926:*:*:*:*:*:*:*

Patches

2
aa7c8da54b1e

made detection a little less aggressive

https://github.com/kraih/mojoSebastian RiedelAug 17, 2010via nvd-ref
commit
1 file changed · +4 1
  • lib/Mojo/Commands.pm+4 1 modified
    @@ -149,11 +149,14 @@ sub _detect {
     return 'cgi'
       if defined $ENV{PATH_INFO} || defined $ENV{GATEWAY_INTERFACE};
 
+    # No further detection if we have a name
+    return $name if $name;
+
     # FastCGI
     return 'fastcgi' unless defined $ENV{PATH};
 
     # Nothing
-    return $name;
+    return;
 }
 
 1;
b3a1fb453eda

fixed CGI environment detection for broken web servers

https://github.com/kraih/mojoSebastian RiedelAug 17, 2010via nvd-ref
commit
2 files changed · +2 4
  • Changes+1 0 modified
    @@ -1,6 +1,7 @@
 This file documents the revision history for Perl extension Mojolicious.
 
 0.999928 2010-08-15 00:00:00
+        - Fixed CGI environment detection for broken web servers.
         - Fixed redirect_to without content and render_static bug.
         - Fixed nested partial rendering bug. (yko)
         - Fixed multiple small Mojo::DOM bugs. (yko)
  • lib/Mojo/Commands.pm+1 4 modified
    @@ -145,9 +145,6 @@ sub _detect {
     # PSGI (Plack only for now)
     return 'psgi' if defined $ENV{PLACK_ENV};
 
-    # No further detection if we have a name
-    return $name if $name;
-
     # CGI
     return 'cgi'
       if defined $ENV{PATH_INFO} || defined $ENV{GATEWAY_INTERFACE};
@@ -156,7 +153,7 @@ sub _detect {
     return 'fastcgi' unless defined $ENV{PATH};
 
     # Nothing
-    return;
+    return $name;
 }
 
 1;

Vulnerability mechanics

Generated by null/stub on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References

5

News mentions

0

No linked articles in our index yet.