Security Advisories (2)
CVE-2012-5526
(2012-11-21)
CGI.pm module before 3.63 for Perl does not properly escape newlines in (1) Set-Cookie or (2) P3P headers, which might allow remote attackers to inject arbitrary headers into responses from applications that use CGI.pm.
- http://www.securityfocus.com/bid/56562
- http://www.openwall.com/lists/oss-security/2012/11/15/6
- https://github.com/markstos/CGI.pm/pull/23
- http://www.securitytracker.com/id?1027780
- http://cpansearch.perl.org/src/MARKSTOS/CGI.pm-3.63/Changes
- http://secunia.com/advisories/51457
- http://www.ubuntu.com/usn/USN-1643-1
- http://www.debian.org/security/2012/dsa-2586
- http://rhn.redhat.com/errata/RHSA-2013-0685.html
- http://secunia.com/advisories/55314
- http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10735
- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705
- https://exchange.xforce.ibmcloud.com/vulnerabilities/80098
CVE-2011-2766
(2011-11-08)
Usage of deprecated FCGI.pm API.
NAME
CGI::Switch - Backward compatibility module for defunct CGI::Switch
SYNOPSIS
Do not use this module. It is deprecated.
ABSTRACT
DESCRIPTION
AUTHOR INFORMATION
BUGS
SEE ALSO
Module Install Instructions
To install CGI, copy and paste the appropriate command in to your terminal.
cpanm CGIperl -MCPAN -e shell
install CGIFor more information on module installation, please visit the detailed CPAN module installation guide.