Miyagawa
Products
3- 2 CVEs
- 2 CVEs
- 1 CVE
Recent CVEs
4| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2014-125112 | Cri | 0.64 | 9.8 | 0.01 | Mar 26, 2026 | Plack::Middleware::Session::Cookie versions through 0.21 for Perl allows remote code execution. Plack::Middleware::Session::Cookie versions through 0.21 has a security vulnerability where it allows an attacker to execute arbitrary code on the server during deserialization of… | ||
| CVE-2026-7381 | Cri | 0.52 | 9.1 | 0.00 | Apr 29, 2026 | Plack::Middleware::XSendfile versions through 1.0053 for Perl can allow client-controlled path rewriting. Plack::Middleware::XSendfile allows the variation setting (sendfile type) to be set by the client via the X-Sendfile-Type header, if it is not considered in the middleware… | ||
| CVE-2026-40560 | Hig | 0.42 | 7.5 | 0.00 | Apr 29, 2026 | Starman versions before 0.4018 for Perl allows HTTP Request Smuggling via Improper Header Precedence. Starman incorrectly prioritizes "Content-Length" over "Transfer-Encoding: chunked" when both headers are present in an HTTP request. Per RFC 7230 3.3.3, Transfer-Encoding must… | ||
| CVE-2013-10031 | 0.00 | — | 0.00 | Dec 9, 2025 | Plack-Middleware-Session versions before 0.17 may be vulnerable to HMAC comparison timing attacks |
- risk 0.64cvss 9.8epss 0.01
Plack::Middleware::Session::Cookie versions through 0.21 for Perl allows remote code execution. Plack::Middleware::Session::Cookie versions through 0.21 has a security vulnerability where it allows an attacker to execute arbitrary code on the server during deserialization of…
- risk 0.52cvss 9.1epss 0.00
Plack::Middleware::XSendfile versions through 1.0053 for Perl can allow client-controlled path rewriting. Plack::Middleware::XSendfile allows the variation setting (sendfile type) to be set by the client via the X-Sendfile-Type header, if it is not considered in the middleware…
- risk 0.42cvss 7.5epss 0.00
Starman versions before 0.4018 for Perl allows HTTP Request Smuggling via Improper Header Precedence. Starman incorrectly prioritizes "Content-Length" over "Transfer-Encoding: chunked" when both headers are present in an HTTP request. Per RFC 7230 3.3.3, Transfer-Encoding must…
- CVE-2013-10031Dec 9, 2025risk 0.00cvss —epss 0.00
Plack-Middleware-Session versions before 0.17 may be vulnerable to HMAC comparison timing attacks