VYPR

rpm package

opensuse/perl-CGI-Simple&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/perl-CGI-Simple&distro=openSUSE%20Tumbleweed

Vulnerabilities (4)

  • CVE-2025-40927HigAug 29, 2025
    affected < 1.282.0-1.1fixed 1.282.0-1.1

    CGI::Simple versions before 1.282 for Perl has a HTTP response splitting flaw This vulnerability is a confirmed HTTP response splitting flaw in CGI::Simple that allows HTTP response header injection, which can be used for reflected XSS or open redirect under certain conditions.

  • CVE-2010-4411Dec 6, 2010
    affected < 1.115-1.4fixed 1.115-1.4

    Unspecified vulnerability in CGI.pm 3.50 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unknown vectors. NOTE: this issue exists because of an incomplete fix for CVE-2010-2761.

  • CVE-2010-4410Dec 6, 2010
    affected < 1.115-1.4fixed 1.115-1.4

    CRLF injection vulnerability in the header function in (1) CGI.pm before 3.50 and (2) Simple.pm in CGI::Simple 1.112 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via vectors related to non-whitespace characters p

  • CVE-2010-2761Dec 6, 2010
    affected < 1.115-1.4fixed 1.115-1.4

    The multipart_init function in (1) CGI.pm before 3.50 and (2) Simple.pm in CGI::Simple 1.112 and earlier uses a hardcoded value of the MIME boundary string in multipart/x-mixed-replace content, which allows remote attackers to inject arbitrary HTTP headers and conduct HTTP respon