VYPR

Plack\

by Miyagawa

CVEs (2)

  • CVE-2014-125112CriMar 26, 2026
    risk 0.64cvss 9.8epss 0.01

    Plack::Middleware::Session::Cookie versions through 0.21 for Perl allows remote code execution. Plack::Middleware::Session::Cookie versions through 0.21 has a security vulnerability where it allows an attacker to execute arbitrary code on the server during deserialization of…

  • CVE-2026-7381CriApr 29, 2026
    risk 0.52cvss 9.1epss 0.00

    Plack::Middleware::XSendfile versions through 1.0053 for Perl can allow client-controlled path rewriting. Plack::Middleware::XSendfile allows the variation setting (sendfile type) to be set by the client via the X-Sendfile-Type header, if it is not considered in the middleware…