Описание
The Data::FormValidator module 4.66 and earlier for Perl, when untaint_all_constraints is enabled, does not properly preserve the taint attribute of data, which might allow remote attackers to bypass the taint protection mechanism via form input.
Ссылки
- ExploitPatch
- ExploitPatch
- ExploitPatch
- ExploitPatch
- Exploit
- ExploitPatch
- Exploit
- ExploitPatch
- ExploitPatch
- ExploitPatch
- ExploitPatch
- Exploit
- ExploitPatch
- Exploit
Уязвимые конфигурации
Конфигурация 1Версия до 4.66 (включая)
Одновременно
Одно из
cpe:2.3:a:mark_stosberg:data\:\:formvalidator:*:*:*:*:*:*:*:*
cpe:2.3:a:mark_stosberg:data\:\:formvalidator:1.3:*:*:*:*:*:*:*
cpe:2.3:a:mark_stosberg:data\:\:formvalidator:1.4:*:*:*:*:*:*:*
cpe:2.3:a:mark_stosberg:data\:\:formvalidator:1.5:*:*:*:*:*:*:*
cpe:2.3:a:mark_stosberg:data\:\:formvalidator:1.5.1:*:*:*:*:*:*:*
cpe:2.3:a:mark_stosberg:data\:\:formvalidator:1.6:*:*:*:*:*:*:*
cpe:2.3:a:mark_stosberg:data\:\:formvalidator:1.7:*:*:*:*:*:*:*
cpe:2.3:a:mark_stosberg:data\:\:formvalidator:1.8:*:*:*:*:*:*:*
cpe:2.3:a:mark_stosberg:data\:\:formvalidator:1.9:*:*:*:*:*:*:*
cpe:2.3:a:mark_stosberg:data\:\:formvalidator:1.10:*:*:*:*:*:*:*
cpe:2.3:a:mark_stosberg:data\:\:formvalidator:1.11:*:*:*:*:*:*:*
cpe:2.3:a:mark_stosberg:data\:\:formvalidator:1.91:*:*:*:*:*:*:*
cpe:2.3:a:mark_stosberg:data\:\:formvalidator:1.92:*:*:*:*:*:*:*
cpe:2.3:a:mark_stosberg:data\:\:formvalidator:1.93:*:*:*:*:*:*:*
cpe:2.3:a:mark_stosberg:data\:\:formvalidator:2.00:*:*:*:*:*:*:*
cpe:2.3:a:mark_stosberg:data\:\:formvalidator:2.01:*:*:*:*:*:*:*
cpe:2.3:a:mark_stosberg:data\:\:formvalidator:2.02:*:*:*:*:*:*:*
cpe:2.3:a:mark_stosberg:data\:\:formvalidator:2.03:*:*:*:*:*:*:*
cpe:2.3:a:mark_stosberg:data\:\:formvalidator:2.04:*:*:*:*:*:*:*
cpe:2.3:a:mark_stosberg:data\:\:formvalidator:2.10:*:*:*:*:*:*:*
cpe:2.3:a:mark_stosberg:data\:\:formvalidator:2.11_01:*:*:*:*:*:*:*
cpe:2.3:a:mark_stosberg:data\:\:formvalidator:2.11_02:*:*:*:*:*:*:*
cpe:2.3:a:mark_stosberg:data\:\:formvalidator:2.11_03:*:*:*:*:*:*:*
cpe:2.3:a:mark_stosberg:data\:\:formvalidator:2.11_04:*:*:*:*:*:*:*
cpe:2.3:a:mark_stosberg:data\:\:formvalidator:3.00:*:*:*:*:*:*:*
cpe:2.3:a:mark_stosberg:data\:\:formvalidator:3.01:*:*:*:*:*:*:*
cpe:2.3:a:mark_stosberg:data\:\:formvalidator:3.10:*:*:*:*:*:*:*
cpe:2.3:a:mark_stosberg:data\:\:formvalidator:3.11:*:*:*:*:*:*:*
cpe:2.3:a:mark_stosberg:data\:\:formvalidator:3.12:*:*:*:*:*:*:*
cpe:2.3:a:mark_stosberg:data\:\:formvalidator:3.13:*:*:*:*:*:*:*
cpe:2.3:a:mark_stosberg:data\:\:formvalidator:3.14:*:*:*:*:*:*:*
cpe:2.3:a:mark_stosberg:data\:\:formvalidator:3.15:*:*:*:*:*:*:*
cpe:2.3:a:mark_stosberg:data\:\:formvalidator:3.49_1:*:*:*:*:*:*:*
cpe:2.3:a:mark_stosberg:data\:\:formvalidator:3.50:*:*:*:*:*:*:*
cpe:2.3:a:mark_stosberg:data\:\:formvalidator:3.51:*:*:*:*:*:*:*
cpe:2.3:a:mark_stosberg:data\:\:formvalidator:3.52:*:*:*:*:*:*:*
cpe:2.3:a:mark_stosberg:data\:\:formvalidator:3.53:*:*:*:*:*:*:*
cpe:2.3:a:mark_stosberg:data\:\:formvalidator:3.54:*:*:*:*:*:*:*
cpe:2.3:a:mark_stosberg:data\:\:formvalidator:3.55:*:*:*:*:*:*:*
cpe:2.3:a:mark_stosberg:data\:\:formvalidator:3.56:*:*:*:*:*:*:*
cpe:2.3:a:mark_stosberg:data\:\:formvalidator:3.57:*:*:*:*:*:*:*
cpe:2.3:a:mark_stosberg:data\:\:formvalidator:3.58:*:*:*:*:*:*:*
cpe:2.3:a:mark_stosberg:data\:\:formvalidator:3.59:*:*:*:*:*:*:*
cpe:2.3:a:mark_stosberg:data\:\:formvalidator:3.60:*:*:*:*:*:*:*
cpe:2.3:a:mark_stosberg:data\:\:formvalidator:3.61:*:*:*:*:*:*:*
cpe:2.3:a:mark_stosberg:data\:\:formvalidator:3.62:*:*:*:*:*:*:*
cpe:2.3:a:mark_stosberg:data\:\:formvalidator:3.63:*:*:*:*:*:*:*
cpe:2.3:a:mark_stosberg:data\:\:formvalidator:4.00:*:*:*:*:*:*:*
cpe:2.3:a:mark_stosberg:data\:\:formvalidator:4.01:*:*:*:*:*:*:*
cpe:2.3:a:mark_stosberg:data\:\:formvalidator:4.02:*:*:*:*:*:*:*
cpe:2.3:a:mark_stosberg:data\:\:formvalidator:4.10:*:*:*:*:*:*:*
cpe:2.3:a:mark_stosberg:data\:\:formvalidator:4.11:*:*:*:*:*:*:*
cpe:2.3:a:mark_stosberg:data\:\:formvalidator:4.12:*:*:*:*:*:*:*
cpe:2.3:a:mark_stosberg:data\:\:formvalidator:4.13:*:*:*:*:*:*:*
cpe:2.3:a:mark_stosberg:data\:\:formvalidator:4.14:*:*:*:*:*:*:*
cpe:2.3:a:mark_stosberg:data\:\:formvalidator:4.20:*:*:*:*:*:*:*
cpe:2.3:a:mark_stosberg:data\:\:formvalidator:4.30:*:*:*:*:*:*:*
cpe:2.3:a:mark_stosberg:data\:\:formvalidator:4.40:*:*:*:*:*:*:*
cpe:2.3:a:mark_stosberg:data\:\:formvalidator:4.49_01:*:*:*:*:*:*:*
cpe:2.3:a:mark_stosberg:data\:\:formvalidator:4.50:*:*:*:*:*:*:*
cpe:2.3:a:mark_stosberg:data\:\:formvalidator:4.51:*:*:*:*:*:*:*
cpe:2.3:a:mark_stosberg:data\:\:formvalidator:4.52:*:*:*:*:*:*:*
cpe:2.3:a:mark_stosberg:data\:\:formvalidator:4.53:*:*:*:*:*:*:*
cpe:2.3:a:mark_stosberg:data\:\:formvalidator:4.54:*:*:*:*:*:*:*
cpe:2.3:a:mark_stosberg:data\:\:formvalidator:4.55:*:*:*:*:*:*:*
cpe:2.3:a:mark_stosberg:data\:\:formvalidator:4.56:*:*:*:*:*:*:*
cpe:2.3:a:mark_stosberg:data\:\:formvalidator:4.57:*:*:*:*:*:*:*
cpe:2.3:a:mark_stosberg:data\:\:formvalidator:4.60:*:*:*:*:*:*:*
cpe:2.3:a:mark_stosberg:data\:\:formvalidator:4.61:*:*:*:*:*:*:*
cpe:2.3:a:mark_stosberg:data\:\:formvalidator:4.62:*:*:*:*:*:*:*
cpe:2.3:a:mark_stosberg:data\:\:formvalidator:4.63:*:*:*:*:*:*:*
cpe:2.3:a:mark_stosberg:data\:\:formvalidator:4.65:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*
EPSS
Процентиль: 93%
0.11134
Средний
4.3 Medium
CVSS2
Дефекты
CWE-264
Связанные уязвимости
ubuntu
больше 14 лет назад
The Data::FormValidator module 4.66 and earlier for Perl, when untaint_all_constraints is enabled, does not properly preserve the taint attribute of data, which might allow remote attackers to bypass the taint protection mechanism via form input.
debian
больше 14 лет назад
The Data::FormValidator module 4.66 and earlier for Perl, when untaint ...
github
больше 3 лет назад
The Data::FormValidator module 4.66 and earlier for Perl, when untaint_all_constraints is enabled, does not properly preserve the taint attribute of data, which might allow remote attackers to bypass the taint protection mechanism via form input.
EPSS
Процентиль: 93%
0.11134
Средний
4.3 Medium
CVSS2
Дефекты
CWE-264