User: Password:
|
|
Subscribe / Log in / New account

perl-Dancer: header injection

Package(s):perl-Dancer CVE #(s):CVE-2012-5572
Created:June 13, 2013 Updated:June 28, 2013
Description:

From the Red Hat Bugzilla entry:

A security flaw was found in the way Dancer.pm, lightweight yet powerful web application framework / Perl language module, performed sanitization of values to be used for cookie() and cookies() methods. A remote attacker could use this flaw to inject arbitrary headers into responses from (Perl) applications, that use Dancer.pm.

Alerts:
Mandriva MDVSA-2013:184 perl-Dancer 2013-06-27
Mageia MGASA-2013-0183 perl-Dancer 2013-06-26
Fedora FEDORA-2013-9950 perl-Dancer 2013-06-13
Fedora FEDORA-2013-9961 perl-Dancer 2013-06-13

(Log in to post comments)


Copyright © 2018, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds