rpm package
opensuse/apache2-mod_perl&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/apache2-mod_perl&distro=openSUSE%20Tumbleweed
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2011-2767 | Cri | 9.8 | < 2.0.11-2.12 | 2.0.11-2.12 | Aug 26, 2018 | mod_perl 2.0 through 2.0.10 allows attackers to execute arbitrary Perl code by placing it in a user-owned .htaccess file, because (contrary to the documentation) there is no configuration option that permits Perl code for the administrator's control of HTTP request processing wit | |
| CVE-2013-1667 | — | < 2.0.9-5.1 | 2.0.9-5.1 | Mar 14, 2013 | The rehash mechanism in Perl 5.8.2 through 5.16.x allows context-dependent attackers to cause a denial of service (memory consumption and crash) via a crafted hash key. | ||
| CVE-2007-1349 | — | < 2.0.11-2.12 | 2.0.11-2.12 | Mar 30, 2007 | PerlRun.pm in Apache mod_perl before 1.30, and RegistryCooker.pm in mod_perl 2.x, does not properly escape PATH_INFO before use in a regular expression, which allows remote attackers to cause a denial of service (resource consumption) via a crafted URI. |
- affected < 2.0.11-2.12fixed 2.0.11-2.12
mod_perl 2.0 through 2.0.10 allows attackers to execute arbitrary Perl code by placing it in a user-owned .htaccess file, because (contrary to the documentation) there is no configuration option that permits Perl code for the administrator's control of HTTP request processing wit
- CVE-2013-1667Mar 14, 2013affected < 2.0.9-5.1fixed 2.0.9-5.1
The rehash mechanism in Perl 5.8.2 through 5.16.x allows context-dependent attackers to cause a denial of service (memory consumption and crash) via a crafted hash key.
- CVE-2007-1349Mar 30, 2007affected < 2.0.11-2.12fixed 2.0.11-2.12
PerlRun.pm in Apache mod_perl before 1.30, and RegistryCooker.pm in mod_perl 2.x, does not properly escape PATH_INFO before use in a regular expression, which allows remote attackers to cause a denial of service (resource consumption) via a crafted URI.