CPAN
Products
7- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 0 CVEs
Recent CVEs
6| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-4976 | Cri | 0.64 | 9.8 | 0.00 | Jun 12, 2025 | Archive::Unzip::Burst from 0.01 through 0.09 for Perl contains a bundled InfoZip library that is affected by several vulnerabilities. The bundled library is affected by CVE-2014-8139, CVE-2014-8140 and CVE-2014-8141. | ||
| CVE-2008-7315 | Cri | 0.64 | 9.8 | 0.03 | Oct 10, 2017 | UI-Dialog 1.09 and earlier allows remote attackers to execute arbitrary commands. | ||
| CVE-2011-2201 | 0.03 | — | 0.06 | Sep 14, 2011 | The Data::FormValidator module 4.66 and earlier for Perl, when untaint_all_constraints is enabled, does not properly preserve the taint attribute of data, which might allow remote attackers to bypass the taint protection mechanism via form input. | |||
| CVE-2020-10674 | 0.00 | — | 0.01 | Mar 18, 2020 | PerlSpeak through 2.01 allows attackers to execute arbitrary OS commands, as demonstrated by use of system and 2-argument open. | |||
| CVE-2013-4184 | 0.00 | — | 0.01 | Dec 10, 2019 | Perl module Data::UUID from CPAN version 1.219 vulnerable to symlink attacks | |||
| CVE-2004-2332 | 0.00 | — | 0.01 | Dec 31, 2004 | Multiple cross-site scripting (XSS) vulnerabilities in CPAN WWW::Form before 1.13 allow remote attackers to inject arbitrary web script or HTML via unknown vectors. |
- risk 0.64cvss 9.8epss 0.00
Archive::Unzip::Burst from 0.01 through 0.09 for Perl contains a bundled InfoZip library that is affected by several vulnerabilities. The bundled library is affected by CVE-2014-8139, CVE-2014-8140 and CVE-2014-8141.
- risk 0.64cvss 9.8epss 0.03
UI-Dialog 1.09 and earlier allows remote attackers to execute arbitrary commands.
- CVE-2011-2201Sep 14, 2011risk 0.03cvss —epss 0.06
The Data::FormValidator module 4.66 and earlier for Perl, when untaint_all_constraints is enabled, does not properly preserve the taint attribute of data, which might allow remote attackers to bypass the taint protection mechanism via form input.
- CVE-2020-10674Mar 18, 2020risk 0.00cvss —epss 0.01
PerlSpeak through 2.01 allows attackers to execute arbitrary OS commands, as demonstrated by use of system and 2-argument open.
- CVE-2013-4184Dec 10, 2019risk 0.00cvss —epss 0.01
Perl module Data::UUID from CPAN version 1.219 vulnerable to symlink attacks
- CVE-2004-2332Dec 31, 2004risk 0.00cvss —epss 0.01
Multiple cross-site scripting (XSS) vulnerabilities in CPAN WWW::Form before 1.13 allow remote attackers to inject arbitrary web script or HTML via unknown vectors.