diff --git a/cpan-security-advisory.json b/cpan-security-advisory.json index 5ea5b1f..a99cc3d 100644 --- a/cpan-security-advisory.json +++ b/cpan-security-advisory.json @@ -1 +1 @@ -{"dists":{"Term-ReadLine-Gnu":{"advisories":[{"reported":"2014-08-20","id":"CPANSA-Term-ReadLine-Gnu-2014-2524","description":"The _rl_tropen function in util.c in GNU readline before 6.3 patch 3 allows local users to create or overwrite arbitrary files via a symlink attack on a /var/tmp/rltrace.[PID] file.\n","references":["https://bugzilla.redhat.com/show_bug.cgi?id=1077023","http://lists.gnu.org/archive/html/bug-readline/2014-03/msg00057.html","http://seclists.org/oss-sec/2014/q1/579","http://seclists.org/oss-sec/2014/q1/587","https://lists.fedoraproject.org/pipermail/package-announce/2014-July/135686.html","http://www.mandriva.com/security/advisories?name=MDVSA-2014:154","http://advisories.mageia.org/MGASA-2014-0319.html","http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00037.html","http://www.mandriva.com/security/advisories?name=MDVSA-2015:132"],"severity":null,"affected_versions":["<1.27"],"fixed_versions":[">=1.27"],"cves":["CVE-2014-2524"],"external_vulnerability":{"name":"readline","distributed_version":"<=6.3"},"distribution":"Term-ReadLine-Gnu","comment":"The presense of affected versions of Term-ReadLine-Gnu suggests that a vulnerable version of the readline linrary is installed on the host system.\n"}],"main_module":"Term::ReadLine::Gnu","versions":[{"date":"1997-02-07T02:03:51","version":"0.06"},{"date":"1997-03-26T07:17:23","version":"0.07"},{"version":"0.09","date":"1997-08-25T15:02:01"},{"date":"1998-03-31T15:49:08","version":"0.10"},{"date":"1998-04-17T05:23:29","version":"1.00"},{"date":"1998-05-13T15:45:47","version":"1.01"},{"date":"1998-09-30T16:10:02","version":"1.03"},{"version":"1.04","date":"1999-02-22T17:28:32"},{"version":"1.05","date":"1999-04-10T16:08:54"},{"date":"1999-05-05T14:55:21","version":"1.06"},{"version":"1.07","date":"1999-07-19T15:13:19"},{"version":"1.08","date":"1999-12-30T13:37:18"},{"version":"1.09","date":"2000-04-03T18:05:33"},{"date":"2001-04-22T14:23:37","version":"1.10"},{"date":"2001-10-28T04:38:19","version":"1.11"},{"date":"2002-03-31T05:54:31","version":"1.12"},{"version":"1.13","date":"2002-07-28T05:07:18"},{"version":"1.14","date":"2003-03-17T03:59:29"},{"date":"2004-10-17T20:00:06","version":"1.15"},{"version":"1.16","date":"2006-04-02T01:36:28"},{"version":"1.17","date":"2008-02-07T15:00:09"},{"date":"2008-02-07T15:52:11","version":"1.17"},{"date":"2009-02-27T14:14:29","version":"1.18"},{"date":"2009-03-20T17:00:37","version":"1.19"},{"version":"1.20","date":"2010-05-02T14:26:20"},{"version":"1.21","date":"2014-03-01T17:19:57"},{"date":"2014-03-05T14:48:24","version":"1.22"},{"version":"1.23","date":"2014-03-19T15:53:44"},{"version":"1.24","date":"2014-03-23T11:58:51"},{"version":"1.25","date":"2014-12-20T13:25:24"},{"version":"1.26","date":"2015-01-31T12:30:45"},{"date":"2015-09-06T06:03:05","version":"1.27"},{"version":"1.28","date":"2015-09-21T13:14:52"},{"date":"2016-02-29T14:06:51","version":"1.29"},{"version":"1.30","date":"2016-03-01T15:55:22"},{"version":"1.31","date":"2016-03-06T00:45:52"},{"version":"1.32","date":"2016-06-07T15:25:50"},{"date":"2016-06-09T17:11:29","version":"1.33"},{"date":"2016-06-12T14:53:40","version":"1.34"},{"version":"1.35","date":"2016-11-03T14:36:40"},{"version":"1.36","date":"2019-01-14T05:39:06"},{"date":"2020-12-27T03:26:23","version":"1.37"},{"date":"2021-02-22T09:48:52","version":"1.38"},{"date":"2021-02-22T14:36:24","version":"1.39"},{"date":"2021-02-23T07:24:27","version":"1.40"},{"date":"2021-05-01T14:45:09","version":"1.41"},{"version":"1.42","date":"2021-05-07T03:30:02"},{"date":"2022-10-01T08:45:18","version":"1.43"},{"version":"1.44","date":"2022-11-06T14:03:08"},{"date":"2022-11-27T13:23:27","version":"1.45"},{"version":"1.46","date":"2023-07-01T09:18:33"}]},"CGI-Application-Dispatch":{"versions":[{"date":"2004-09-13T01:35:58","version":"0.01"},{"date":"2004-10-19T18:26:01","version":"0.02"},{"version":"0.03","date":"2004-10-29T16:53:40"},{"date":"2005-01-06T15:34:49","version":"1.00"},{"version":"1.01","date":"2005-01-08T12:42:00"},{"version":"1.02","date":"2005-01-20T14:43:28"},{"date":"2005-03-04T16:28:16","version":"1.03"},{"date":"2005-07-12T21:44:54","version":"1.04"},{"version":"2.00_02","date":"2006-01-12T15:56:53"},{"date":"2006-02-06T15:50:52","version":"2.00_03"},{"version":"2.00_04","date":"2006-02-14T15:41:25"},{"date":"2006-04-12T14:18:22","version":"2.00_05"},{"date":"2006-06-27T04:29:04","version":"2.00_06"},{"version":"2.00","date":"2006-07-03T15:52:12"},{"version":"2.01","date":"2006-08-14T14:14:10"},{"version":"2.02","date":"2006-08-17T14:57:55"},{"date":"2006-09-30T02:13:40","version":"2.03"},{"date":"2007-01-03T18:12:57","version":"2.10_01"},{"version":"2.10_02","date":"2007-01-11T18:55:41"},{"version":"2.10","date":"2007-01-15T14:08:30"},{"date":"2007-12-28T20:23:49","version":"2.11"},{"version":"2.12_01","date":"2007-12-31T20:43:51"},{"version":"2.12","date":"2008-01-03T14:39:57"},{"version":"2.13_01","date":"2008-03-08T18:33:34"},{"date":"2008-03-11T16:41:27","version":"2.13_02"},{"version":"2.13","date":"2008-09-17T00:44:02"},{"date":"2008-11-03T01:33:21","version":"2.14"},{"date":"2008-12-04T16:00:05","version":"2.15"},{"date":"2009-03-24T02:03:51","version":"2.16"},{"version":"2.17","date":"2009-12-30T19:06:27"},{"date":"2011-01-05T03:42:59","version":"2.18"},{"date":"2011-06-16T17:42:14","version":"3.00"},{"date":"2011-06-24T02:53:20","version":"3.01"},{"date":"2011-06-24T22:33:01","version":"3.02"},{"date":"2011-06-26T03:52:14","version":"3.03"},{"date":"2011-06-29T13:45:53","version":"3.04"},{"version":"3.05","date":"2011-09-07T22:21:15"},{"date":"2011-09-09T15:29:58","version":"3.06"},{"version":"3.07","date":"2011-09-09T17:32:11"},{"version":"3.10","date":"2012-09-03T04:04:19"},{"date":"2012-09-14T01:02:58","version":"3.11"},{"version":"3.12","date":"2012-09-14T01:19:52"}],"main_module":"CGI::Application::Dispatch","advisories":[{"fixed_versions":[">=1.02"],"distribution":"CGI-Application-Dispatch","cves":[],"affected_versions":["<1.02"],"references":["https://metacpan.org/changes/distribution/CGI-Application-Dispatch"],"id":"CPANSA-CGI-Application-Dispatch-2005-001","reported":"2005-01-20","description":"Untainted module names.\n"}]},"Module-Provision":{"versions":[{"version":"v0.3.43","date":"2013-04-14T19:20:34"},{"date":"2013-04-15T12:46:30","version":"v0.3.44"},{"date":"2013-04-15T17:33:39","version":"v0.3.45"},{"version":"v0.4.47","date":"2013-04-21T16:14:43"},{"date":"2013-04-22T15:09:36","version":"v0.4.51"},{"date":"2013-04-24T04:13:42","version":"v0.6.59"},{"date":"2013-04-24T23:34:41","version":"v0.7.4"},{"date":"2013-04-27T01:18:07","version":"v0.7.6"},{"date":"2013-04-27T11:36:59","version":"v0.7.7"},{"version":"v0.8.3","date":"2013-04-30T22:32:47"},{"version":"v0.9.5","date":"2013-05-02T18:45:43"},{"version":"v0.10.1","date":"2013-05-04T00:14:46"},{"version":"v0.11.1","date":"2013-05-04T20:22:41"},{"version":"v0.12.1","date":"2013-05-06T15:08:18"},{"version":"v0.12.3","date":"2013-05-08T15:51:41"},{"version":"v0.12.5","date":"2013-05-09T23:42:20"},{"version":"v0.12.6","date":"2013-05-10T19:29:24"},{"version":"v0.13.1","date":"2013-05-11T02:15:00"},{"date":"2013-05-11T13:59:50","version":"v0.14.2"},{"version":"v0.15.3","date":"2013-05-12T18:03:55"},{"version":"v0.15.5","date":"2013-05-14T12:49:37"},{"version":"v0.15.6","date":"2013-05-15T17:55:40"},{"date":"2013-05-15T20:59:19","version":"v0.15.7"},{"date":"2013-05-16T23:02:48","version":"v0.15.8"},{"date":"2013-05-19T12:59:15","version":"v0.15.9"},{"date":"2013-06-08T17:12:50","version":"v0.16.1"},{"version":"v0.17.16","date":"2013-07-28T18:42:27"},{"version":"v0.17.17","date":"2013-07-29T16:10:28"},{"date":"2013-07-29T23:51:34","version":"v0.17.18"},{"version":"v0.17.19","date":"2013-07-30T13:06:37"},{"version":"v0.18.0","date":"2013-08-07T17:56:55"},{"date":"2013-08-07T17:58:22","version":"v0.18.1"},{"date":"2013-08-08T13:39:44","version":"v0.18.2"},{"date":"2013-08-10T08:51:08","version":"v0.18.3"},{"date":"2013-08-10T21:18:54","version":"v0.18.4"},{"version":"0.20.1","date":"2013-08-17T15:47:30"},{"date":"2013-08-21T12:36:06","version":"0.21.1"},{"version":"0.22.1","date":"2013-08-21T12:56:35"},{"version":"0.23.1","date":"2013-09-14T09:38:12"},{"date":"2013-09-16T20:23:50","version":"0.24.1"},{"version":"0.25.1","date":"2013-11-23T13:38:55"},{"date":"2013-11-25T21:30:21","version":"0.26.1"},{"version":"0.27.1","date":"2013-12-11T17:25:32"},{"date":"2013-12-12T14:23:50","version":"0.28.1"},{"version":"0.29.1","date":"2013-12-12T21:54:50"},{"date":"2014-01-24T21:05:50","version":"0.31.2"},{"date":"2014-05-01T14:42:10","version":"0.32.1"},{"version":"0.33.1","date":"2014-05-15T20:55:59"},{"date":"2014-05-19T11:47:05","version":"0.34.1"},{"date":"2014-10-28T13:51:21","version":"0.36.1"},{"date":"2015-02-11T17:52:30","version":"0.38.1"},{"version":"0.39.1","date":"2015-02-11T19:03:04"},{"version":"0.40.1","date":"2015-06-08T21:47:29"},{"date":"2016-04-04T12:15:12","version":"0.41.1"},{"date":"2017-05-08T19:30:17","version":"0.42.1"}],"advisories":[{"description":"(1) cpan/Archive-Tar/bin/ptar, (2) cpan/Archive-Tar/bin/ptardiff, (3) cpan/Archive-Tar/bin/ptargrep, (4) cpan/CPAN/scripts/cpan, (5) cpan/Digest-SHA/shasum, (6) cpan/Encode/bin/enc2xs, (7) cpan/Encode/bin/encguess, (8) cpan/Encode/bin/piconv, (9) cpan/Encode/bin/ucmlint, (10) cpan/Encode/bin/unidump, (11) cpan/ExtUtils-MakeMaker/bin/instmodsh, (12) cpan/IO-Compress/bin/zipdetails, (13) cpan/JSON-PP/bin/json_pp, (14) cpan/Test-Harness/bin/prove, (15) dist/ExtUtils-ParseXS/lib/ExtUtils/xsubpp, (16) dist/Module-CoreList/corelist, (17) ext/Pod-Html/bin/pod2html, (18) utils/c2ph.PL, (19) utils/h2ph.PL, (20) utils/h2xs.PL, (21) utils/libnetcfg.PL, (22) utils/perlbug.PL, (23) utils/perldoc.PL, (24) utils/perlivp.PL, and (25) utils/splain.PL in Perl 5.x before 5.22.3-RC2 and 5.24 before 5.24.1-RC2 do not properly remove . (period) characters from the end of the includes directory array, which might allow local users to gain privileges via a Trojan horse module under the current working directory.\n","id":"CPANSA-Module-Provision-2016-1238","reported":"2016-08-02","references":["http://www.nntp.perl.org/group/perl.perl5.porters/2016/07/msg238271.html","http://www.securitytracker.com/id/1036440","http://perl5.git.perl.org/perl.git/commit/cee96d52c39b1e7b36e1c62d38bcd8d86e9a41ab","https://rt.perl.org/Public/Bug/Display.html?id=127834","http://www.securityfocus.com/bid/92136","http://www.debian.org/security/2016/dsa-3628","https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DOFRQWJRP2NQJEYEWOMECVW3HAMD5SYN/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TZBNQH3DMI7HDELJAZ4TFJJANHXOEDWH/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2FBQOCV3GBAN2EYZUM3CFDJ4ECA3GZOK/","https://security.gentoo.org/glsa/201701-75","https://lists.apache.org/thread.html/7f6a16bc0fd0fd5e67c7fd95bd655069a2ac7d1f88e42d3c853e601c@%3Cannounce.apache.org%3E","https://lists.debian.org/debian-lts-announce/2018/11/msg00016.html","https://security.gentoo.org/glsa/201812-07","http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00002.html"],"affected_versions":["<0.42.1"],"severity":"high","distribution":"Module-Provision","cves":["CVE-2016-1238"],"fixed_versions":[">=0.42.1"]}],"main_module":"Module::Provision"},"App-cpanminus":{"versions":[{"date":"2010-02-20T02:27:00","version":"0.01"},{"version":"0.02","date":"2010-02-20T03:14:10"},{"version":"0.03","date":"2010-02-20T03:39:56"},{"date":"2010-02-20T05:04:01","version":"0.04"},{"version":"0.05","date":"2010-02-20T05:16:03"},{"date":"2010-02-20T05:48:44","version":"0.06"},{"version":"0.07","date":"2010-02-20T20:20:08"},{"date":"2010-02-20T23:41:01","version":"0.08"},{"date":"2010-02-21T07:48:49","version":"0.09"},{"date":"2010-02-23T20:52:46","version":"0.99_01"},{"version":"0.99_02","date":"2010-02-24T06:20:33"},{"version":"0.99_03","date":"2010-02-24T07:05:47"},{"date":"2010-02-25T17:20:05","version":"0.99_04"},{"version":"0.99_05","date":"2010-02-25T22:42:22"},{"date":"2010-02-25T22:51:43","version":"0.99_06"},{"date":"2010-02-28T05:14:30","version":"0.99_07"},{"date":"2010-03-01T05:59:15","version":"0.9910"},{"date":"2010-03-02T00:29:51","version":"0.9911"},{"date":"2010-03-03T02:55:22","version":"0.9912"},{"date":"2010-03-03T03:21:59","version":"0.9913"},{"date":"2010-03-04T08:42:03","version":"0.9914"},{"date":"2010-03-04T09:58:11","version":"0.9915"},{"version":"0.9916","date":"2010-03-04T19:35:22"},{"version":"0.9917","date":"2010-03-09T13:58:32"},{"date":"2010-03-10T02:26:03","version":"0.9918"},{"version":"0.9919","date":"2010-03-10T02:41:31"},{"version":"0.99_20","date":"2010-03-10T09:49:22"},{"date":"2010-03-10T15:03:38","version":"0.9921"},{"version":"0.9922","date":"2010-03-11T02:01:28"},{"date":"2010-03-16T00:07:01","version":"0.9923"},{"date":"2010-03-22T05:05:33","version":"0.99_24"},{"version":"0.99_25","date":"2010-03-23T02:54:44"},{"version":"0.99_26","date":"2010-03-23T03:24:34"},{"date":"2010-03-23T18:24:55","version":"0.9927"},{"date":"2010-03-26T05:09:12","version":"0.9928"},{"version":"0.9929","date":"2010-03-27T04:42:41"},{"date":"2010-03-30T21:29:41","version":"0.9930"},{"date":"2010-04-05T01:18:12","version":"0.9931"},{"date":"2010-04-05T23:28:11","version":"0.9932"},{"version":"0.99_33","date":"2010-04-11T07:51:27"},{"date":"2010-04-11T11:55:44","version":"0.9934"},{"version":"0.999_01","date":"2010-04-12T11:09:47"},{"date":"2010-04-13T07:11:08","version":"0.999_02"},{"date":"2010-04-14T09:29:25","version":"0.999_03"},{"version":"0.9935","date":"2010-04-14T09:30:52"},{"date":"2010-04-19T06:23:01","version":"0.999_04"},{"date":"2010-04-21T11:40:46","version":"0.999_05"},{"date":"2010-04-21T11:53:47","version":"0.9936"},{"version":"1.0000","date":"2010-04-24T08:23:24"},{"version":"1.0001","date":"2010-04-24T08:26:40"},{"version":"1.0002","date":"2010-05-02T03:51:09"},{"version":"1.0003","date":"2010-05-04T23:16:18"},{"date":"2010-05-14T23:10:54","version":"1.0004"},{"version":"1.0005","date":"2010-07-02T23:39:32"},{"date":"2010-07-02T23:54:14","version":"1.0006"},{"date":"2010-07-30T19:55:47","version":"1.0010"},{"version":"1.0011","date":"2010-08-18T23:42:36"},{"date":"2010-08-20T19:58:19","version":"1.0012"},{"version":"1.0013","date":"2010-09-12T19:54:17"},{"version":"1.0014","date":"2010-09-21T19:43:20"},{"date":"2010-09-24T23:52:00","version":"1.0015"},{"date":"2010-11-12T07:57:33","version":"1.1000"},{"version":"1.1001","date":"2010-11-12T20:37:49"},{"date":"2010-11-17T02:28:44","version":"1.1002"},{"version":"1.1003","date":"2010-11-25T09:18:34"},{"version":"1.1004","date":"2010-11-30T18:07:12"},{"version":"1.1005","date":"2010-12-14T23:08:40"},{"version":"1.1006","date":"2010-12-16T19:32:01"},{"date":"2011-01-18T17:40:16","version":"1.1007"},{"version":"1.19_01","date":"2011-01-18T20:54:34"},{"version":"1.19_02","date":"2011-01-18T22:11:52"},{"version":"1.1008","date":"2011-01-26T22:08:11"},{"date":"2011-02-16T18:11:52","version":"1.2000"},{"date":"2011-02-16T18:55:46","version":"1.2001"},{"date":"2011-03-01T02:59:25","version":"1.29_01"},{"version":"1.29_02","date":"2011-03-02T00:09:00"},{"version":"1.3000","date":"2011-03-02T22:41:40"},{"version":"1.3001","date":"2011-03-04T02:35:03"},{"version":"1.30_02","date":"2011-03-04T03:54:53"},{"version":"1.30_03","date":"2011-03-04T08:32:56"},{"date":"2011-03-04T08:53:22","version":"1.30_04"},{"version":"1.30_05","date":"2011-03-04T09:41:34"},{"version":"1.30_06","date":"2011-03-04T22:57:43"},{"date":"2011-03-04T23:20:45","version":"1.30_07"},{"version":"1.30_08","date":"2011-03-05T00:07:44"},{"version":"1.30_09","date":"2011-03-05T02:16:54"},{"version":"1.30_10","date":"2011-03-05T22:57:38"},{"date":"2011-03-06T09:37:36","version":"1.30_11"},{"date":"2011-03-07T03:00:09","version":"1.30_12"},{"date":"2011-03-07T18:54:03","version":"1.30_13"},{"version":"1.4000","date":"2011-03-08T09:11:33"},{"date":"2011-03-08T18:11:57","version":"1.4001"},{"date":"2011-03-09T01:57:18","version":"1.4002"},{"date":"2011-03-10T02:15:19","version":"1.4003"},{"date":"2011-03-10T18:09:34","version":"1.4004"},{"version":"1.4005","date":"2011-05-11T19:49:38"},{"date":"2011-05-16T17:17:29","version":"1.4006"},{"version":"1.4007","date":"2011-05-17T17:54:45"},{"date":"2011-06-16T01:00:00","version":"1.4008"},{"date":"2011-06-26T17:59:17","version":"1.49_01"},{"version":"1.49_02","date":"2011-10-12T09:57:03"},{"date":"2011-10-13T06:40:49","version":"1.5000"},{"date":"2011-10-13T15:21:16","version":"1.5001"},{"version":"1.5002","date":"2011-10-18T00:13:36"},{"version":"1.5003","date":"2011-10-19T07:31:10"},{"version":"1.5004","date":"2011-11-08T22:29:31"},{"version":"1.5005","date":"2011-11-22T21:31:21"},{"date":"2011-11-29T19:49:42","version":"1.5006"},{"version":"1.5007","date":"2011-12-20T18:18:50"},{"version":"1.5008","date":"2012-03-18T01:23:40"},{"date":"2012-03-30T16:45:43","version":"1.5009"},{"date":"2012-03-31T11:01:47","version":"1.5010"},{"date":"2012-04-12T09:59:39","version":"1.5011"},{"version":"1.5012","date":"2012-05-11T03:50:22"},{"date":"2012-05-12T03:18:19","version":"1.5013"},{"version":"1.5014","date":"2012-06-13T01:34:12"},{"date":"2012-06-24T22:37:49","version":"1.5015"},{"date":"2012-07-17T19:02:48","version":"1.5016"},{"date":"2012-07-18T15:41:26","version":"1.5017"},{"version":"1.5018","date":"2012-09-19T05:42:19"},{"version":"1.5019","date":"2012-12-22T17:22:02"},{"date":"2013-01-29T18:32:26","version":"1.5020"},{"version":"1.5021","date":"2013-01-31T08:45:31"},{"version":"1.59_01","date":"2013-01-31T18:07:46"},{"date":"2013-02-01T03:12:10","version":"1.59_02"},{"version":"1.59_03","date":"2013-02-01T18:54:58"},{"version":"1.59_04","date":"2013-02-03T17:07:16"},{"date":"2013-02-04T19:52:48","version":"1.59_05"},{"date":"2013-02-05T20:40:30","version":"1.59_06"},{"date":"2013-02-06T19:17:51","version":"1.59_07"},{"date":"2013-02-06T19:32:27","version":"1.59_08"},{"date":"2013-02-07T09:59:04","version":"1.59_09"},{"version":"1.59_10","date":"2013-02-08T00:29:16"},{"date":"2013-02-11T22:12:12","version":"1.59_11"},{"version":"1.59_12","date":"2013-02-14T02:15:12"},{"version":"1.59_13","date":"2013-02-25T20:16:34"},{"version":"1.6000","date":"2013-02-26T17:57:00"},{"version":"1.6001","date":"2013-02-27T01:04:54"},{"version":"1.6002","date":"2013-02-27T20:13:45"},{"date":"2013-03-08T19:03:47","version":"1.6003"},{"date":"2013-03-08T19:32:25","version":"1.6004"},{"date":"2013-03-08T19:48:06","version":"1.6005"},{"date":"2013-03-14T06:00:27","version":"1.6006"},{"date":"2013-03-17T21:34:17","version":"1.6007"},{"date":"2013-03-19T17:03:36","version":"1.6008"},{"date":"2013-03-25T04:10:51","version":"1.6100"},{"version":"1.6101","date":"2013-03-25T20:41:37"},{"version":"1.6102","date":"2013-03-28T00:16:09"},{"date":"2013-03-30T21:36:49","version":"1.6103"},{"version":"1.6104","date":"2013-04-03T01:04:42"},{"date":"2013-04-05T05:17:38","version":"1.6105"},{"date":"2013-04-06T21:19:18","version":"1.6106"},{"date":"2013-04-07T04:19:16","version":"1.6107"},{"date":"2013-04-13T06:32:52","version":"1.6108"},{"version":"1.6190","date":"2013-04-13T11:48:43"},{"version":"1.6191","date":"2013-04-14T03:09:40"},{"date":"2013-04-14T08:17:32","version":"1.6192"},{"date":"2013-04-15T07:37:08","version":"1.6193"},{"date":"2013-04-15T07:42:51","version":"1.6900"},{"version":"1.6901","date":"2013-04-21T00:50:44"},{"version":"1.6109","date":"2013-04-21T01:06:02"},{"version":"1.6902","date":"2013-04-21T01:18:10"},{"date":"2013-04-22T01:07:09","version":"1.6903"},{"date":"2013-04-24T02:24:37","version":"1.6904"},{"date":"2013-04-24T03:05:21","version":"1.6905"},{"version":"1.6906","date":"2013-04-25T06:20:23"},{"version":"1.6907","date":"2013-04-26T18:40:08"},{"date":"2013-04-27T01:12:17","version":"1.6908"},{"date":"2013-04-29T08:49:53","version":"1.6909"},{"date":"2013-05-03T07:29:32","version":"1.6910"},{"version":"1.6911","date":"2013-05-04T20:28:02"},{"version":"1.6912","date":"2013-05-06T20:59:52"},{"date":"2013-05-10T00:05:10","version":"1.6913"},{"version":"1.6914","date":"2013-05-12T23:03:52"},{"version":"1.6915","date":"2013-05-16T02:01:33"},{"version":"1.6916","date":"2013-06-04T10:55:37"},{"version":"1.6917","date":"2013-06-05T01:07:33"},{"date":"2013-06-10T20:03:21","version":"1.6918"},{"date":"2013-06-12T15:33:22","version":"1.6919"},{"date":"2013-06-14T21:09:54","version":"1.6920"},{"version":"1.6921","date":"2013-06-18T10:19:43"},{"date":"2013-06-19T20:57:09","version":"1.6922"},{"date":"2013-07-04T05:17:11","version":"1.6923"},{"date":"2013-07-16T18:38:21","version":"1.6924"},{"version":"1.6925","date":"2013-07-20T05:08:06"},{"version":"1.6926","date":"2013-07-20T16:03:14"},{"date":"2013-07-23T07:45:33","version":"1.6927"},{"version":"1.6928","date":"2013-07-23T21:07:02"},{"version":"1.6929","date":"2013-07-24T18:46:29"},{"version":"1.6930","date":"2013-07-24T20:48:14"},{"date":"2013-07-24T21:51:33","version":"1.6931"},{"version":"1.6932","date":"2013-07-24T22:29:04"},{"version":"1.6933","date":"2013-07-25T16:58:24"},{"date":"2013-07-26T23:17:21","version":"1.6934"},{"date":"2013-07-31T18:36:57","version":"1.6935"},{"date":"2013-08-05T04:37:54","version":"1.6936"},{"date":"2013-08-06T01:55:29","version":"1.6937"},{"date":"2013-08-06T06:12:45","version":"1.6938"},{"version":"1.6939","date":"2013-08-06T09:55:55"},{"date":"2013-08-08T19:36:34","version":"1.6940"},{"date":"2013-08-20T18:32:44","version":"1.6941"},{"version":"1.6942","date":"2013-08-27T18:11:47"},{"version":"1.6943","date":"2013-09-03T23:40:37"},{"version":"1.7000","date":"2013-09-04T22:02:21"},{"version":"1.7001","date":"2013-09-08T20:12:16"},{"version":"1.7100","date":"2013-09-19T05:31:34"},{"date":"2013-09-19T11:15:59","version":"1.7101"},{"date":"2013-09-20T04:33:50","version":"1.7102"},{"version":"1.7002","date":"2014-04-27T05:46:31"},{"version":"1.7003","date":"2014-04-27T15:11:46"},{"date":"2014-04-27T16:23:35","version":"1.7004"},{"date":"2014-09-02T04:00:49","version":"1.7005"},{"date":"2014-09-02T06:27:35","version":"1.7006"},{"date":"2014-09-05T12:04:41","version":"1.7005"},{"date":"2014-09-05T22:45:37","version":"1.7006"},{"version":"1.7007","date":"2014-09-09T16:26:54"},{"version":"1.7008","date":"2014-09-10T08:19:24"},{"date":"2014-09-10T08:44:00","version":"1.7009"},{"version":"1.7010","date":"2014-09-17T09:28:23"},{"date":"2014-09-22T06:08:51","version":"1.7011"},{"version":"1.7012","date":"2014-09-27T02:29:33"},{"version":"1.7013","date":"2014-10-07T06:52:45"},{"version":"1.7014","date":"2014-10-08T03:54:02"},{"date":"2014-11-14T21:14:40","version":"1.7015"},{"version":"1.7016","date":"2014-11-16T19:47:26"},{"date":"2014-11-25T22:01:56","version":"1.7017"},{"date":"2014-11-25T22:08:49","version":"1.7018"},{"version":"1.7019","date":"2014-12-04T20:52:24"},{"date":"2014-12-09T01:54:37","version":"1.7020"},{"version":"1.7021","date":"2014-12-12T05:43:01"},{"date":"2014-12-13T00:42:15","version":"1.7022"},{"date":"2015-01-04T23:00:30","version":"1.7023"},{"version":"1.7024","date":"2015-01-12T21:32:45"},{"version":"1.7025","date":"2015-02-07T06:59:17"},{"version":"1.7026","date":"2015-02-14T01:12:18"},{"version":"1.7027","date":"2015-02-14T20:15:20"},{"version":"1.7028","date":"2015-04-17T17:24:16"},{"version":"1.7029","date":"2015-04-18T22:16:17"},{"date":"2015-04-19T12:15:59","version":"1.7030"},{"version":"1.7031","date":"2015-04-22T21:14:17"},{"version":"1.7032","date":"2015-04-30T01:52:49"},{"date":"2015-05-02T00:18:54","version":"1.7033"},{"version":"1.7034","date":"2015-05-07T21:21:07"},{"date":"2015-06-05T17:51:53","version":"1.7035"},{"version":"1.7036","date":"2015-06-06T05:08:20"},{"version":"1.7037","date":"2015-06-18T21:38:47"},{"version":"1.7038","date":"2015-06-23T01:05:25"},{"date":"2015-06-29T01:06:18","version":"1.7039"},{"version":"1.7040","date":"2016-01-07T19:29:19"},{"date":"2016-05-08T18:29:30","version":"1.7041"},{"version":"1.7042","date":"2016-05-24T07:49:34"},{"date":"2017-04-03T03:57:15","version":"1.7043"},{"version":"1.7044","date":"2018-04-19T11:54:56"},{"version":"1.7900","date":"2018-04-20T12:17:48"},{"version":"1.7901","date":"2018-04-20T12:20:35"},{"date":"2018-04-20T12:43:24","version":"1.7902"},{"date":"2018-04-20T14:54:30","version":"1.7903"},{"version":"1.7904","date":"2018-04-20T21:22:56"},{"date":"2018-04-21T09:40:47","version":"1.7905"},{"version":"1.9015","date":"2018-04-21T10:57:20"},{"date":"2018-04-21T11:17:58","version":"1.9016"},{"date":"2018-04-21T17:31:13","version":"1.9017"},{"date":"2018-04-22T13:54:32","version":"1.9018"},{"date":"2018-04-25T09:27:31","version":"1.7906"},{"date":"2018-04-26T11:36:59","version":"1.7907"},{"date":"2022-01-27T03:05:02","version":"1.7045"},{"version":"1.7046","date":"2022-04-27T06:01:26"},{"version":"1.7047","date":"2023-07-30T06:01:02"},{"version":"1.7048","date":"2024-10-29T18:49:03"}],"main_module":"App::cpanminus","advisories":[{"fixed_versions":[">=1.7045"],"cves":["CVE-2020-16154"],"distribution":"App-cpanminus","references":["https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DENFY4CRTIZL5WYYUYUM4VKCJNXO4QIW/","https://metacpan.org/pod/App::cpanminus","https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/","https://access.redhat.com/security/cve/cve-2020-16154","https://security-tracker.debian.org/tracker/CVE-2020-16154","https://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html","https://github.com/miyagawa/cpanminus/pull/638"],"affected_versions":["<=1.7044"],"description":"The App::cpanminus package 1.7044 for Perl allows Signature Verification Bypass.\n","id":"CPANSA-App-cpanminus-2020-01","reported":"2020-07-30"},{"description":"The App::cpanminus package through 1.7047 for Perl downloads code via insecure HTTP, enabling code execution for network attackers.\n","id":"CPANSA-App-cpanminus-2024-45321","reported":"2024-08-27","references":["https://github.com/miyagawa/cpanminus/issues/611","https://github.com/miyagawa/cpanminus/pull/674","https://security.metacpan.org/2024/08/26/cpanminus-downloads-code-using-insecure-http.html"],"affected_versions":["<=1.7047"],"cves":["CVE-2024-45321"],"distribution":"App-cpanminus","fixed_versions":[]}]},"GitLab-API-v4":{"versions":[{"version":"0.01","date":"2017-12-11T18:40:52"},{"date":"2017-12-16T00:11:18","version":"0.02"},{"version":"0.03","date":"2018-01-12T21:26:23"},{"version":"0.04","date":"2018-02-03T23:15:40"},{"date":"2018-03-06T18:26:52","version":"0.05"},{"version":"0.06","date":"2018-04-09T20:06:01"},{"version":"0.07","date":"2018-05-10T21:33:05"},{"date":"2018-05-14T17:33:39","version":"0.08"},{"version":"0.09","date":"2018-05-29T04:48:13"},{"version":"0.10","date":"2018-06-06T06:47:41"},{"date":"2018-09-02T05:24:51","version":"0.11"},{"date":"2018-09-12T01:04:05","version":"0.12"},{"version":"0.13","date":"2018-11-08T13:44:56"},{"date":"2018-12-04T20:39:42","version":"0.14"},{"date":"2019-01-09T18:13:46","version":"0.15"},{"version":"0.16","date":"2019-02-18T06:21:38"},{"version":"0.17","date":"2019-02-20T22:49:13"},{"version":"0.18","date":"2019-04-01T04:36:27"},{"version":"0.19","date":"2019-05-17T20:41:31"},{"version":"0.20","date":"2019-07-23T21:42:57"},{"date":"2019-08-24T18:56:25","version":"0.21"},{"date":"2019-09-13T15:03:00","version":"0.22"},{"version":"0.23","date":"2019-10-18T19:55:54"},{"date":"2020-02-12T22:10:58","version":"0.24"},{"date":"2020-02-12T22:21:40","version":"0.25"},{"version":"0.26","date":"2021-01-30T07:11:26"},{"version":"0.27","date":"2023-06-07T20:51:14"}],"advisories":[{"fixed_versions":[],"cves":["CVE-2023-31485"],"distribution":"GitLab-API-v4","affected_versions":[">=0.26"],"references":["https://github.com/bluefeet/GitLab-API-v4/pull/57","https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/","https://www.openwall.com/lists/oss-security/2023/04/18/14","https://github.com/chansen/p5-http-tiny/pull/151"],"id":"CPANSA-GitLab-API-v4-2023-31485","reported":"2023-02-28","description":"GitLab::API::v4 is missing the verify_SSL=>1 flag in HTTP::Tiny, allowing a network attacker to MITM connections to the GitLab server.\n"}],"main_module":"GitLab::API::v4"},"Proc-Daemon":{"versions":[{"version":"0.01","date":"1998-01-27T18:42:37"},{"date":"1999-04-17T19:55:07","version":"0.02"},{"date":"2003-06-19T22:58:30","version":"0.03"},{"version":"0.04","date":"2010-10-23T23:11:32"},{"date":"2010-10-28T20:25:50","version":"0.05"},{"version":"0.06","date":"2011-01-17T22:14:07"},{"version":"0.07","date":"2011-02-17T19:34:32"},{"date":"2011-03-13T17:38:15","version":"0.08"},{"date":"2011-03-15T07:05:00","version":"0.09"},{"version":"0.10","date":"2011-04-01T19:26:32"},{"date":"2011-05-23T14:48:37","version":"0.11"},{"version":"0.12","date":"2011-05-24T17:12:19"},{"version":"0.13","date":"2011-06-01T11:39:51"},{"version":"0.14","date":"2011-06-03T09:06:45"},{"date":"2015-01-22T00:22:38","version":"0.15"},{"date":"2015-01-23T00:10:30","version":"0.16"},{"date":"2015-01-23T23:23:49","version":"0.17"},{"date":"2015-01-27T01:03:25","version":"0.18"},{"date":"2015-03-22T09:37:55","version":"0.19"},{"version":"0.20","date":"2015-06-24T04:34:03"},{"version":"0.21","date":"2015-08-07T01:52:52"},{"version":"0.22","date":"2015-10-29T00:30:34"},{"version":"0.23","date":"2016-01-01T18:51:05"}],"main_module":"Proc::Daemon","advisories":[{"distribution":"Proc-Daemon","cves":["CVE-2013-7135"],"fixed_versions":[],"references":["http://www.openwall.com/lists/oss-security/2014/01/07/7","http://www.openwall.com/lists/oss-security/2013/12/16/5","http://www.openwall.com/lists/oss-security/2013/12/18/2","https://rt.cpan.org/Public/Bug/Display.html?id=91450","http://www.mandriva.com/security/advisories?name=MDVSA-2014:021"],"affected_versions":["<0.14"],"description":"The Proc::Daemon module 0.14 for Perl uses world-writable permissions for a file that stores a process ID, which allows local users to have an unspecified impact by modifying this file.\n","id":"CPANSA-Proc-Daemon-2013-7135","reported":"2014-01-28","severity":null}]},"PlRPC":{"advisories":[{"distribution":"PlRPC","cves":["CVE-2013-7284"],"fixed_versions":[],"references":["https://bugzilla.redhat.com/show_bug.cgi?id=1051108","http://seclists.org/oss-sec/2014/q1/56","http://seclists.org/oss-sec/2014/q1/62","https://bugzilla.redhat.com/show_bug.cgi?id=1030572","https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=734789","https://rt.cpan.org/Public/Bug/Display.html?id=90474"],"affected_versions":["<=0.2020"],"description":"The PlRPC module, possibly 0.2020 and earlier, for Perl uses the Storable module, which allows remote attackers to execute arbitrary code via a crafted request, which is not properly handled when it is deserialized.\n","reported":"2014-04-29","id":"CPANSA-PlRPC-2013-7284","severity":null}],"main_module":"Bundle::PlRPC","versions":[{"version":"0.2001","date":"1998-10-28T23:03:06"},{"version":"0.2003","date":"1999-01-15T09:26:43"},{"date":"1999-04-09T21:18:22","version":"0.2010"},{"date":"1999-06-21T09:10:10","version":"0.2004"},{"version":"0.2011","date":"1999-06-21T09:26:45"},{"version":"0.2012","date":"1999-06-26T16:21:38"},{"version":"0.2013","date":"2001-01-23T08:17:41"},{"date":"2001-01-23T15:57:05","version":"0.2014"},{"date":"2001-03-26T13:10:50","version":"0.2015"},{"date":"2001-10-01T02:45:21","version":"0.2016"},{"date":"2003-06-09T08:55:18","version":"0.2017"},{"version":"0.2018","date":"2004-07-27T07:47:32"},{"version":"0.2018","date":"2007-05-22T20:56:36"},{"date":"2007-06-17T20:00:21","version":"0.2018"},{"version":"0.2021_01","date":"2012-01-27T16:55:27"}]},"Crypt-JWT":{"versions":[{"version":"0.004","date":"2015-07-02T22:24:01"},{"version":"0.005","date":"2015-07-02T22:54:29"},{"version":"0.010","date":"2015-07-07T19:43:45"},{"date":"2015-10-22T07:08:48","version":"0.011"},{"date":"2016-05-02T17:33:01","version":"0.012"},{"date":"2016-05-03T07:10:15","version":"0.013"},{"version":"0.014","date":"2016-05-04T05:48:13"},{"version":"0.015","date":"2016-05-12T05:38:49"},{"date":"2016-05-12T08:03:49","version":"0.016"},{"date":"2016-06-03T10:17:48","version":"0.017"},{"version":"0.018","date":"2016-08-31T19:49:41"},{"version":"0.019","date":"2018-01-26T16:07:54"},{"version":"0.020","date":"2018-02-02T15:02:28"},{"version":"0.021","date":"2018-03-15T11:59:25"},{"version":"0.022","date":"2018-06-24T20:29:50"},{"date":"2018-09-01T16:09:10","version":"0.023"},{"version":"0.024","date":"2019-03-26T11:11:25"},{"version":"0.025","date":"2019-09-29T15:23:58"},{"version":"0.026","date":"2020-02-02T08:44:56"},{"date":"2020-06-04T22:35:39","version":"0.027"},{"version":"0.028","date":"2020-06-14T18:17:45"},{"date":"2020-06-22T13:13:53","version":"0.029"},{"version":"0.030","date":"2021-01-08T14:22:56"},{"date":"2021-01-10T14:18:25","version":"0.031"},{"date":"2021-03-18T21:02:33","version":"0.032"},{"version":"0.033","date":"2021-05-01T17:18:31"},{"date":"2021-11-28T22:08:38","version":"0.034"},{"version":"0.035","date":"2023-10-03T10:20:23"}],"main_module":"Crypt::JWT","advisories":[{"severity":"high","affected_versions":["<0.023"],"references":["https://github.com/DCIT/perl-Crypt-JWT/commit/b98a59b42ded9f9e51b2560410106207c2152d6c","https://www.openwall.com/lists/oss-security/2018/09/07/1"],"reported":"2019-03-20","id":"CPANSA-Crypt-JWT-2019-01","description":"Perl Crypt::JWT prior to 0.023 is affected by: Incorrect Access Control. The impact is: allow attackers to bypass authentication by providing a token by crafting with hmac(). The component is: JWT.pm, line 614. The attack vector is: network connectivity. The fixed version is: after commit b98a59b42ded9f9e51b2560410106207c2152d6c.\n","fixed_versions":[">=0.023"],"distribution":"Crypt-JWT","cves":["CVE-2019-1010263"]},{"fixed_versions":[">=0.022"],"distribution":"Crypt-JWT","cves":["CVE-2019-1010161"],"severity":"high","references":["https://github.com/DCIT/perl-Crypt-JWT/issues/3#issuecomment-417947483"],"affected_versions":["<0.022"],"description":"perl-CRYPT-JWT 0.022 and earlier is affected by: Incorrect Access Control. The impact is: bypass authentication. The component is: JWT.pm for JWT security token, line 614 in _decode_jws(). The attack vector is: network connectivity(crafting user-controlled input to bypass authentication). The fixed version is: 0.023.\n","id":"CPANSA-Crypt-JWT-2019-01","reported":"2019-03-20"}]},"Catalyst-Plugin-Static":{"advisories":[{"fixed_versions":[">=0.10"],"distribution":"Catalyst-Plugin-Static","cves":[],"description":"Serving files outside of $config->{root} directory.\n","reported":"2005-11-14","id":"CPANSA-Catalyst-Plugin-Static-2005-01","affected_versions":["<0.10"]}],"main_module":"Catalyst::Plugin::Static","versions":[{"date":"2005-01-29T00:00:20","version":"0.01"},{"version":"0.02","date":"2005-02-19T20:28:50"},{"date":"2005-03-17T01:01:03","version":"0.03"},{"version":"0.04","date":"2005-03-17T19:10:36"},{"version":"0.05","date":"2005-03-21T13:34:27"},{"date":"2005-03-23T06:48:05","version":"0.05"},{"version":"0.06","date":"2005-04-15T16:58:18"},{"version":"0.07","date":"2005-04-17T14:50:45"},{"date":"2005-09-06T13:42:42","version":"0.08"},{"version":"0.09","date":"2005-11-14T08:38:35"},{"version":"0.10","date":"2005-11-14T10:26:31"},{"date":"2009-10-18T18:13:00","version":"0.11"}]},"Locale-Maketext":{"main_module":"Locale::Maketext","advisories":[{"cves":["CVE-2012-6329"],"distribution":"Locale-Maketext","fixed_versions":[],"references":["http://perl5.git.perl.org/perl.git/commit/1735f6f53ca19f99c6e9e39496c486af323ba6a8","http://sourceforge.net/mailarchive/message.php?msg_id=30219695","http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=695224","http://twiki.org/cgi-bin/view/Codev/SecurityAlert-CVE-2012-6329","http://perl5.git.perl.org/perl.git/blob/HEAD:/pod/perl5177delta.pod","http://openwall.com/lists/oss-security/2012/12/11/4","http://code.activestate.com/lists/perl5-porters/187763/","http://code.activestate.com/lists/perl5-porters/187746/","https://bugzilla.redhat.com/show_bug.cgi?id=884354","http://rhn.redhat.com/errata/RHSA-2013-0685.html","http://www.mandriva.com/security/advisories?name=MDVSA-2013:113","https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0032","http://www.ubuntu.com/usn/USN-2099-1","http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html","http://www.securityfocus.com/bid/56950","http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10735","http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705"],"affected_versions":["<1.25"],"description":"The _compile function in Maketext.pm in the Locale::Maketext implementation in Perl before 5.17.7 does not properly handle backslashes and fully qualified method names during compilation of bracket notation, which allows context-dependent attackers to execute arbitrary commands via crafted input to an application that accepts translation strings from users, as demonstrated by the TWiki application before 5.1.3, and the Foswiki application 1.0.x through 1.0.10 and 1.1.x through 1.1.6.\n","id":"CPANSA-Locale-Maketext-2012-6329","reported":"2013-01-04","severity":null},{"severity":"high","description":"Does not remove . from @INC, which might allow local users to gain privileges via a Trojan horse module under the current working directory.\n","id":"CPANSA-Locale-Maketext-2016-1238","reported":"2016-08-02","references":["http://www.nntp.perl.org/group/perl.perl5.porters/2016/07/msg238271.html","http://www.securitytracker.com/id/1036440","http://perl5.git.perl.org/perl.git/commit/cee96d52c39b1e7b36e1c62d38bcd8d86e9a41ab","https://rt.perl.org/Public/Bug/Display.html?id=127834","http://www.securityfocus.com/bid/92136","http://www.debian.org/security/2016/dsa-3628","https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DOFRQWJRP2NQJEYEWOMECVW3HAMD5SYN/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TZBNQH3DMI7HDELJAZ4TFJJANHXOEDWH/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2FBQOCV3GBAN2EYZUM3CFDJ4ECA3GZOK/","https://security.gentoo.org/glsa/201701-75","https://lists.apache.org/thread.html/7f6a16bc0fd0fd5e67c7fd95bd655069a2ac7d1f88e42d3c853e601c@%3Cannounce.apache.org%3E","https://lists.debian.org/debian-lts-announce/2018/11/msg00016.html","https://security.gentoo.org/glsa/201812-07","http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00002.html"],"affected_versions":["<1.28"],"fixed_versions":[">=1.28"],"cves":["CVE-2016-1238"],"distribution":"Locale-Maketext"}],"versions":[{"version":"0.17","date":"1999-03-16T05:22:44"},{"date":"2000-05-14T08:26:33","version":"0.18"},{"version":"1.01","date":"2001-05-25T14:21:01"},{"version":"1.02","date":"2001-06-20T08:28:48"},{"date":"2001-06-22T05:27:18","version":"1.03"},{"version":"1.04","date":"2003-04-02T20:20:43"},{"date":"2003-04-19T06:11:36","version":"1.05"},{"date":"2003-06-22T07:51:14","version":"1.06"},{"version":"1.07","date":"2004-01-12T04:18:16"},{"version":"1.08","date":"2004-01-20T00:14:54"},{"version":"1.09","date":"2004-03-31T06:47:07"},{"date":"2005-11-11T03:42:57","version":"1.10"},{"date":"2007-05-08T05:03:08","version":"1.11_01"},{"version":"1.12","date":"2007-11-18T05:22:03"},{"date":"2008-05-28T15:01:40","version":"1.13"},{"version":"1.13_80","date":"2009-06-23T18:13:14"},{"date":"2009-06-24T00:22:21","version":"1.13_81"},{"version":"1.13_82","date":"2009-06-24T02:33:08"},{"version":"1.15_01","date":"2010-09-28T22:59:25"},{"version":"1.15_02","date":"2010-10-07T14:12:19"},{"version":"1.16","date":"2010-10-11T18:07:07"},{"version":"1.16_01","date":"2010-10-20T15:54:47"},{"version":"1.17","date":"2010-10-20T18:42:13"},{"version":"1.18_01","date":"2011-05-25T15:44:55"},{"date":"2011-05-31T19:29:50","version":"1.19"},{"version":"1.19_01","date":"2011-12-15T04:02:22"},{"version":"1.21","date":"2011-12-23T15:18:14"},{"version":"1.22","date":"2012-01-15T05:02:24"},{"date":"2012-12-04T21:29:08","version":"1.23"},{"date":"2014-04-14T03:15:07","version":"1.25_01"},{"date":"2014-04-15T20:10:23","version":"1.25"},{"date":"2014-12-04T20:57:02","version":"1.26"},{"version":"1.27","date":"2016-06-22T23:30:00"},{"date":"2016-07-25T17:57:25","version":"1.28"},{"version":"1.29","date":"2020-01-20T05:04:23"},{"version":"1.30","date":"2022-04-01T19:18:30"},{"version":"1.31","date":"2022-04-14T21:18:43"},{"date":"2022-08-22T19:20:51","version":"1.32"},{"date":"2023-12-30T21:23:51","version":"1.33"}]},"Plack-Middleware-StaticShared":{"advisories":[{"references":["https://metacpan.org/dist/Plack-Middleware-StaticShared/changes"],"affected_versions":["<0.04"],"description":"Vulnerability of directory traversal.\n","reported":"2012-04-26","id":"CPANSA-Plack-Middleware-StaticShared-2012-01","severity":null,"cves":[],"distribution":"Plack-Middleware-StaticShared","fixed_versions":[">=0.04"]}],"main_module":"Plack::Middleware::StaticShared","versions":[{"version":"0.01","date":"2010-12-03T11:42:11"},{"version":"0.02","date":"2011-08-03T00:32:41"},{"version":"0.03","date":"2011-08-10T14:36:03"},{"date":"2012-04-26T03:37:11","version":"0.04"},{"version":"0.05","date":"2013-01-24T10:40:54"},{"version":"0.06","date":"2016-06-09T03:53:36"}]},"ActivePerl":{"versions":[],"main_module":"","advisories":[{"severity":null,"darkpan":"true","description":"Untrusted search path vulnerability in the installation functionality in ActivePerl 5.16.1.1601, when installed in the top-level C:\\ directory, allows local users to gain privileges via a Trojan horse DLL in the C:\\Perl\\Site\\bin directory, which is added to the PATH system environment variable, as demonstrated by a Trojan horse wlbsctrl.dll file used by the \"IKE and AuthIP IPsec Keying Modules\" system service in Windows Vista SP1, Windows Server 2008 SP2, Windows 7 SP1, and Windows 8 Release Preview.\n","reported":"2012-10-11","id":"CPANSA-ActivePerl-2012-5377","references":["https://www.htbridge.com/advisory/HTB23108","http://osvdb.org/86177"],"affected_versions":["=5.16.1.1601"],"fixed_versions":[],"cves":["CVE-2012-5377"],"distribution":"ActivePerl"},{"id":"CPANSA-ActivePerl-2006-2856","reported":"2006-06-06","description":"ActiveState ActivePerl 5.8.8.817 for Windows configures the site/lib directory with \"Users\" group permissions for changing files, which allows local users to gain privileges by creating a malicious sitecustomize.pl file in that directory. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.\n","affected_versions":["=5.8.8.817"],"references":["http://secunia.com/advisories/20328","http://www.securityfocus.com/bid/18269","http://www.osvdb.org/25974","http://www.vupen.com/english/advisories/2006/2140","https://exchange.xforce.ibmcloud.com/vulnerabilities/26915"],"darkpan":"true","severity":null,"distribution":"ActivePerl","cves":["CVE-2006-2856"],"fixed_versions":[]},{"severity":null,"darkpan":"true","description":"Integer overflow in the duplication operator in ActivePerl allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large multiplier, which may trigger a buffer overflow.\n","id":"CPANSA-ActivePerl-2004-2286","reported":"2004-12-31","references":["http://archives.neohapsis.com/archives/fulldisclosure/2004-05/0878.html","http://www.securityfocus.com/bid/10380","https://exchange.xforce.ibmcloud.com/vulnerabilities/16224"],"affected_versions":["<=5.8.1"],"fixed_versions":[],"cves":["CVE-2004-2286"],"distribution":"ActivePerl"},{"severity":null,"darkpan":"true","references":["http://www.oliverkarow.de/research/ActivePerlSystemBOF.txt","http://www.perlmonks.org/index.pl?node_id=354145","http://www.securityfocus.com/bid/10375","http://archives.neohapsis.com/archives/fulldisclosure/2004-05/0905.html","http://marc.info/?l=full-disclosure&m=108489112131099&w=2","http://marc.info/?l=full-disclosure&m=108482796105922&w=2","http://marc.info/?l=full-disclosure&m=108483058514596&w=2","http://marc.info/?l=bugtraq&m=108489894009025&w=2","https://exchange.xforce.ibmcloud.com/vulnerabilities/16169"],"affected_versions":["<5.10"],"description":"ActivePerl 5.8.x and others, and Larry Wall's Perl 5.6.1 and others, when running on Windows systems, allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long argument to the system command, which leads to a stack-based buffer overflow. NOTE: it is unclear whether this bug is in Perl or the OS API that is used by Perl.\n","reported":"2004-12-31","id":"CPANSA-ActivePerl-2004-2022","fixed_versions":[],"distribution":"ActivePerl","cves":["CVE-2004-2022"]},{"id":"CPANSA-ActivePerl-2004-0377","reported":"2004-05-04","description":"Buffer overflow in the win32_stat function for (1) ActiveState's ActivePerl and (2) Larry Wall's Perl before 5.8.3 allows local or remote attackers to execute arbitrary commands via filenames that end in a backslash character.\n","affected_versions":[],"references":["http://www.kb.cert.org/vuls/id/722414","http://lists.grok.org.uk/pipermail/full-disclosure/2004-April/019794.html","http://public.activestate.com/cgi-bin/perlbrowse?patch=22552","http://www.idefense.com/application/poi/display?id=93&type=vulnerabilities","http://marc.info/?l=bugtraq&m=108118694327979&w=2","https://exchange.xforce.ibmcloud.com/vulnerabilities/15732"],"darkpan":"true","severity":null,"distribution":"ActivePerl","cves":["CVE-2004-0377"],"fixed_versions":[]},{"darkpan":"true","severity":null,"affected_versions":["<=5.6.1.629"],"references":["http://bugs.activestate.com/show_bug.cgi?id=18062","http://www.securityfocus.com/bid/3526","http://www.osvdb.org/678","http://marc.info/?l=bugtraq&m=100583978302585&w=2","https://exchange.xforce.ibmcloud.com/vulnerabilities/7539"],"reported":"2001-12-06","id":"CPANSA-ActivePerl-2001-0815","description":"Buffer overflow in PerlIS.dll in Activestate ActivePerl 5.6.1.629 and earlier allows remote attackers to execute arbitrary code via an HTTP request for a long filename that ends in a .pl extension.\n","fixed_versions":[],"distribution":"ActivePerl","cves":["CVE-2001-0815"]}]},"Catalyst-Runtime":{"versions":[{"version":"5.70_01","date":"2006-06-25T19:20:53"},{"date":"2006-06-27T18:10:20","version":"5.70_02"},{"date":"2006-06-28T21:50:30","version":"5.70_03"},{"version":"5.7000","date":"2006-07-07T22:47:30"},{"date":"2006-07-20T06:00:58","version":"5.7001"},{"date":"2006-09-19T07:36:29","version":"5.7002"},{"version":"5.7003","date":"2006-09-23T17:43:12"},{"date":"2006-11-06T23:28:40","version":"5.7004"},{"date":"2006-11-07T19:43:56","version":"5.7005"},{"date":"2006-11-15T08:27:59","version":"5.7006"},{"version":"5.7007","date":"2007-03-14T11:13:37"},{"version":"5.7008","date":"2007-08-13T06:36:11"},{"date":"2007-08-21T22:23:53","version":"5.7009"},{"version":"5.7010","date":"2007-08-22T05:51:41"},{"version":"5.7011","date":"2007-10-18T18:11:24"},{"version":"5.7012","date":"2007-12-17T08:19:28"},{"version":"5.7013","date":"2008-05-17T12:41:13"},{"date":"2008-05-25T21:16:45","version":"5.7013"},{"date":"2008-06-25T20:43:41","version":"5.7099_01"},{"date":"2008-07-18T11:41:25","version":"5.7099_02"},{"version":"5.7099_02","date":"2008-07-20T08:15:02"},{"version":"5.7099_02","date":"2008-10-13T20:55:41"},{"date":"2008-10-14T06:06:06","version":"5.7099_02"},{"version":"5.7015","date":"2008-10-15T21:44:15"},{"version":"5.8000_03","date":"2008-10-17T12:42:53"},{"version":"5.8000_04","date":"2008-12-05T15:11:14"},{"version":"5.7099_04","date":"2009-01-12T15:46:59"},{"version":"5.71000","date":"2009-01-19T17:36:04"},{"date":"2009-01-29T08:56:09","version":"5.8000_05"},{"date":"2009-02-04T20:08:22","version":"5.8000_06"},{"version":"5.71001","date":"2009-03-27T09:21:12"},{"version":"5.8000_07","date":"2009-04-13T19:03:36"},{"date":"2009-04-18T20:26:00","version":"5.80001"},{"version":"5.80002","date":"2009-04-21T23:45:45"},{"date":"2009-04-29T14:39:21","version":"5.80003"},{"version":"5.80004","date":"2009-05-18T15:16:38"},{"version":"5.80005","date":"2009-06-06T12:49:15"},{"date":"2009-06-29T22:11:48","version":"5.80006"},{"version":"5.80007","date":"2009-06-30T22:11:36"},{"version":"5.80008","date":"2009-08-21T16:14:33"},{"date":"2009-08-21T20:29:33","version":"5.80009"},{"version":"5.80010","date":"2009-08-21T21:42:08"},{"date":"2009-08-23T11:57:26","version":"5.80011"},{"date":"2009-09-09T18:01:32","version":"5.80012"},{"version":"5.80013","date":"2009-09-17T09:35:20"},{"date":"2009-11-21T02:32:20","version":"5.80014"},{"version":"5.80014_01","date":"2009-11-22T20:24:47"},{"date":"2009-12-01T01:14:00","version":"5.80014_02"},{"version":"5.80015","date":"2009-12-02T15:42:50"},{"version":"5.80016","date":"2009-12-11T23:37:44"},{"date":"2010-01-10T02:01:50","version":"5.80017"},{"version":"5.80018","date":"2010-01-12T21:39:47"},{"date":"2010-01-29T00:18:07","version":"5.80019"},{"date":"2010-02-04T06:19:31","version":"5.80020"},{"version":"5.80021","date":"2010-03-03T23:16:29"},{"date":"2010-03-28T19:25:48","version":"5.80022"},{"version":"5.80023","date":"2010-05-07T22:07:08"},{"date":"2010-05-15T09:57:52","version":"5.80024"},{"date":"2010-07-29T00:59:16","version":"5.80025"},{"version":"5.80026","date":"2010-09-01T15:10:42"},{"date":"2010-09-02T11:33:03","version":"5.80027"},{"version":"5.80028","date":"2010-09-28T20:14:11"},{"date":"2010-10-03T16:24:08","version":"5.80029"},{"version":"5.80030","date":"2011-01-04T12:56:30"},{"date":"2011-01-24T10:50:27","version":"5.89000"},{"version":"5.80031","date":"2011-01-31T08:25:21"},{"date":"2011-02-23T08:28:58","version":"5.80032"},{"date":"2011-03-01T14:56:37","version":"5.89001"},{"version":"5.89002","date":"2011-03-02T10:37:42"},{"date":"2011-07-24T15:58:37","version":"5.80033"},{"date":"2011-07-28T20:05:01","version":"5.89003"},{"version":"5.9000","date":"2011-08-15T21:35:34"},{"date":"2011-08-15T21:59:58","version":"5.90001"},{"version":"5.90002","date":"2011-08-22T20:55:10"},{"date":"2011-10-05T07:48:57","version":"5.90003"},{"date":"2011-10-11T15:19:05","version":"5.90004"},{"version":"5.90005","date":"2011-10-22T21:01:24"},{"version":"5.90006","date":"2011-10-25T17:54:34"},{"version":"5.90007","date":"2011-11-22T20:40:44"},{"version":"5.90008","date":"2012-02-06T21:08:28"},{"version":"5.90009","date":"2012-02-16T09:29:44"},{"version":"5.90010","date":"2012-02-18T00:49:30"},{"date":"2012-03-08T21:53:00","version":"5.90011"},{"date":"2012-05-19T07:13:21","version":"5.90012"},{"version":"5.90013","date":"2012-06-08T00:37:40"},{"version":"5.90013","date":"2012-06-21T20:41:41"},{"date":"2012-06-26T14:34:56","version":"5.90014"},{"date":"2012-06-30T18:00:53","version":"5.90015"},{"date":"2012-08-17T01:39:42","version":"5.90016"},{"date":"2012-10-19T21:51:54","version":"5.90017"},{"version":"5.90018","date":"2012-10-24T01:01:44"},{"date":"2012-12-04T22:04:19","version":"5.90019"},{"version":"5.90020","date":"2013-02-22T14:05:39"},{"version":"5.90030","date":"2013-04-12T17:09:27"},{"date":"2013-06-12T21:26:14","version":"5.90040"},{"date":"2013-06-15T02:10:17","version":"5.90041"},{"date":"2013-06-16T01:57:47","version":"5.90042"},{"version":"5.90049_001","date":"2013-07-26T19:13:01"},{"version":"5.90049_002","date":"2013-08-21T02:39:45"},{"version":"5.90049_003","date":"2013-09-20T19:03:54"},{"version":"5.90049_004","date":"2013-10-18T22:19:33"},{"date":"2013-10-31T20:48:42","version":"5.90049_005"},{"version":"5.90049_006","date":"2013-11-05T03:25:31"},{"date":"2013-11-05T22:35:22","version":"5.90050"},{"version":"5.90051","date":"2013-11-07T17:14:35"},{"version":"5.90052","date":"2013-12-18T20:03:22"},{"version":"5.90059_001","date":"2013-12-19T14:33:08"},{"date":"2013-12-22T16:18:16","version":"5.90053"},{"date":"2013-12-22T16:34:11","version":"5.90059_002"},{"version":"5.90059_003","date":"2013-12-27T02:27:08"},{"date":"2014-01-27T17:20:51","version":"5.90059_004"},{"version":"5.90059_005","date":"2014-01-28T19:36:58"},{"date":"2014-02-06T20:41:25","version":"5.90059_006"},{"date":"2014-02-08T03:11:11","version":"5.90060"},{"date":"2014-03-10T14:46:10","version":"5.90061"},{"date":"2014-04-14T18:53:26","version":"5.90062"},{"date":"2014-05-02T00:15:16","version":"5.90063"},{"version":"5.90064","date":"2014-05-05T14:55:25"},{"date":"2014-05-27T18:08:08","version":"5.90069_001"},{"date":"2014-06-05T12:44:59","version":"5.90065"},{"date":"2014-06-10T00:22:42","version":"5.90069_002"},{"version":"5.90069_003","date":"2014-08-06T15:09:29"},{"version":"5.90069_004","date":"2014-08-07T15:59:15"},{"version":"5.90070","date":"2014-08-07T21:49:59"},{"date":"2014-08-10T13:15:52","version":"5.90071"},{"version":"5.90072","date":"2014-09-15T16:30:58"},{"version":"5.90073","date":"2014-09-23T17:24:54"},{"date":"2014-10-01T21:45:12","version":"5.90074"},{"version":"5.90075","date":"2014-10-07T00:07:51"},{"date":"2014-11-14T00:20:16","version":"5.90076"},{"date":"2014-11-19T00:28:27","version":"5.90077"},{"date":"2014-12-02T21:50:30","version":"5.90079_001"},{"version":"5.90079_002","date":"2014-12-02T23:22:07"},{"version":"5.90079_003","date":"2014-12-03T19:45:16"},{"date":"2014-12-26T23:05:46","version":"5.90079_004"},{"date":"2014-12-31T16:26:20","version":"5.90078"},{"date":"2014-12-31T21:04:56","version":"5.90079_005"},{"date":"2015-01-02T15:11:55","version":"5.90079_006"},{"date":"2015-01-02T18:11:38","version":"5.90079"},{"version":"5.90079_007","date":"2015-01-07T20:01:40"},{"version":"5.90079_008","date":"2015-01-07T23:26:17"},{"version":"5.90080","date":"2015-01-09T17:04:47"},{"date":"2015-01-10T22:39:56","version":"5.90081"},{"date":"2015-01-10T23:33:56","version":"5.90082"},{"version":"5.90083","date":"2015-02-17T02:29:50"},{"version":"5.90084","date":"2015-02-23T22:24:50"},{"version":"5.90085","date":"2015-03-25T18:58:11"},{"date":"2015-03-26T21:30:15","version":"5.90089_001"},{"date":"2015-04-17T21:32:30","version":"5.90089_002"},{"date":"2015-04-27T20:20:40","version":"5.90089_003"},{"date":"2015-04-28T18:24:12","version":"5.90089_004"},{"date":"2015-04-29T14:04:24","version":"5.90090"},{"date":"2015-05-08T20:36:59","version":"5.90091"},{"version":"5.90092","date":"2015-05-19T16:48:30"},{"date":"2015-05-29T17:06:23","version":"5.90093"},{"version":"5.90094","date":"2015-07-24T20:17:46"},{"date":"2015-07-27T14:32:30","version":"5.90095"},{"version":"5.90096","date":"2015-07-27T15:44:59"},{"date":"2015-07-28T20:33:41","version":"5.90097"},{"date":"2015-08-24T16:30:12","version":"5.90100"},{"version":"5.90101","date":"2015-09-04T22:57:40"},{"date":"2015-10-29T19:39:24","version":"5.90102"},{"version":"5.90103","date":"2015-11-12T10:19:42"},{"date":"2016-04-04T17:18:38","version":"5.90104"},{"date":"2016-06-08T20:06:53","version":"5.90105"},{"date":"2016-07-06T01:21:42","version":"5.90106"},{"version":"5.90110","date":"2016-07-20T19:12:32"},{"version":"5.90111","date":"2016-07-20T20:07:16"},{"version":"5.90112","date":"2016-07-25T21:03:05"},{"date":"2016-12-15T21:35:30","version":"5.90113"},{"version":"5.90114","date":"2016-12-19T16:54:08"},{"version":"5.90115","date":"2017-05-01T16:42:46"},{"version":"5.90116","date":"2018-01-19T20:55:15"},{"date":"2018-01-21T23:47:21","version":"5.90117"},{"version":"5.90118","date":"2018-05-01T09:59:20"},{"version":"5.90119","date":"2018-09-24T00:25:48"},{"version":"5.90120","date":"2018-10-19T06:13:58"},{"version":"5.90_121","date":"2018-10-22T20:39:48"},{"date":"2018-11-03T14:52:06","version":"5.90122"},{"version":"5.90123","date":"2018-11-27T15:39:35"},{"version":"5.90124","date":"2019-01-18T22:36:07"},{"version":"5.90125","date":"2020-01-19T01:11:05"},{"date":"2020-01-20T01:40:16","version":"5.90126"},{"date":"2020-07-27T01:25:21","version":"5.90_127"},{"date":"2020-09-11T12:38:26","version":"5.90128"},{"version":"5.90129","date":"2022-07-23T13:13:34"},{"date":"2022-11-09T15:37:01","version":"5.90130"},{"version":"5.90131","date":"2023-07-20T23:09:29"},{"version":"5.90132","date":"2024-11-08T19:56:41"}],"advisories":[{"references":["http://git.shadowcat.co.uk/gitweb/gitweb.cgi?p=catagits/Catalyst-Runtime.git;a=commitdiff;h=7af54927870a7c6f89323ac1876d49f92e7841f5"],"affected_versions":["<5.90020"],"description":"Passing a special host to the redirect page link makes it vulnerable to XSS attack.\n","id":"CPANSA-Catalyst-Runtime-2013-01","reported":"2013-01-23","fixed_versions":[">=5.90020"],"distribution":"Catalyst-Runtime","cves":[]},{"cves":[],"distribution":"Catalyst-Runtime","fixed_versions":[">=5.58"],"affected_versions":["<5.58"],"id":"CPANSA-Catalyst-Runtime-2005-01","reported":"2005-11-24","description":"Path traversal in Static::Simple plugin.\n"}],"main_module":"Catalyst::Runtime"},"XML-DT":{"advisories":[{"fixed_versions":[],"distribution":"XML-DT","cves":["CVE-2014-5260"],"severity":null,"id":"CPANSA-XML-DT-2014-5260","reported":"2014-08-16","description":"The (1) mkxmltype and (2) mkdtskel scripts in XML-DT before 0.64 allow local users to overwrite arbitrary files via a symlink attack on a /tmp/_xml_##### temporary file.\n","affected_versions":["<0.64"],"references":["http://openwall.com/lists/oss-security/2014/08/15/8","https://metacpan.org/diff/file?target=AMBS/XML-DT-0.64/&source=AMBS/XML-DT-0.63/","https://metacpan.org/source/AMBS/XML-DT-0.66/Changes","https://bugs.debian.org/756566"]}],"main_module":"XML::DT","versions":[{"version":"0.11","date":"1999-07-30T13:04:11"},{"version":"0.14","date":"2000-04-07T09:24:55"},{"date":"2000-09-19T17:03:40","version":"0.15"},{"date":"2000-10-16T16:21:54","version":"0.16"},{"version":"0.19","date":"2000-11-30T12:37:27"},{"version":"0.20","date":"2002-03-07T17:54:06"},{"date":"2002-05-28T12:35:07","version":"0.21"},{"version":"0.22","date":"2002-12-20T17:31:58"},{"date":"2002-12-27T09:10:47","version":"0.23"},{"version":"0.24","date":"2003-02-20T16:16:43"},{"version":"v0.24.1","date":"2003-06-17T10:15:16"},{"date":"2003-10-09T08:12:32","version":"0.25"},{"date":"2003-10-13T07:47:22","version":"0.25"},{"version":"0.27","date":"2003-11-14T10:55:50"},{"date":"2003-12-16T14:25:13","version":"0.28"},{"version":"0.29","date":"2004-01-07T11:38:24"},{"date":"2004-01-22T11:25:21","version":"0.30"},{"version":"0.31","date":"2004-08-09T17:43:41"},{"version":"0.32","date":"2004-09-20T19:15:56"},{"version":"0.33","date":"2004-10-03T19:21:18"},{"date":"2004-10-30T14:43:29","version":"0.34"},{"version":"0.35","date":"2004-11-15T16:39:19"},{"date":"2004-11-19T17:29:05","version":"0.36"},{"date":"2004-11-21T16:27:45","version":"0.37"},{"date":"2004-12-24T16:34:24","version":"0.38"},{"version":"0.39","date":"2005-03-22T12:05:18"},{"date":"2005-04-06T08:14:46","version":"0.40"},{"version":"0.41","date":"2005-07-20T20:28:06"},{"version":"0.42","date":"2005-09-18T16:06:11"},{"date":"2006-05-15T09:08:21","version":"0.43"},{"date":"2006-05-15T09:33:07","version":"0.44"},{"version":"0.45","date":"2006-05-16T14:14:36"},{"date":"2006-11-03T09:39:12","version":"0.46"},{"version":"0.47","date":"2006-11-23T18:14:09"},{"version":"0.48","date":"2008-02-20T22:00:02"},{"date":"2008-02-20T22:16:45","version":"0.49"},{"date":"2008-02-21T22:02:53","version":"0.50"},{"date":"2008-02-22T17:19:12","version":"0.51"},{"date":"2008-10-22T09:12:08","version":"0.52"},{"version":"0.53","date":"2009-01-18T20:10:36"},{"date":"2010-11-19T16:27:23","version":"0.54"},{"version":"0.55","date":"2011-02-12T22:08:27"},{"date":"2011-02-12T22:09:55","version":"0.56"},{"version":"0.57","date":"2012-04-07T20:30:58"},{"date":"2012-04-09T10:19:15","version":"0.58"},{"date":"2012-06-05T13:37:08","version":"0.59"},{"version":"0.60","date":"2012-06-25T16:57:54"},{"version":"0.61","date":"2012-06-25T17:04:58"},{"version":"0.62","date":"2012-06-25T19:02:40"},{"date":"2013-03-25T22:27:48","version":"0.63"},{"date":"2014-07-31T19:46:44","version":"0.64"},{"date":"2014-08-01T13:00:43","version":"0.65"},{"version":"0.66","date":"2014-08-15T20:17:39"},{"date":"2015-03-15T18:28:49","version":"0.67"},{"version":"0.68","date":"2015-09-29T08:06:14"},{"version":"0.69","date":"2019-04-22T17:01:30"}]},"HTML-Parser":{"versions":[{"version":"2.14","date":"1998-03-31T22:25:05"},{"version":"2.16","date":"1998-04-02T11:40:38"},{"date":"1998-04-28T08:35:12","version":"2.17"},{"version":"2.18","date":"1998-06-22T19:45:24"},{"date":"1998-07-06T23:12:33","version":"2.19"},{"date":"1998-07-08T13:05:04","version":"2.20"},{"version":"2.21","date":"1998-11-13T21:48:08"},{"date":"1999-06-09T10:34:35","version":"2.23"},{"version":"2.24","date":"1999-11-03T07:10:32"},{"date":"1999-11-05T09:46:11","version":"2.25"},{"version":"3.00","date":"1999-12-14T23:01:49"},{"date":"1999-12-19T07:07:38","version":"3.01"},{"version":"3.02","date":"1999-12-21T09:55:56"},{"version":"3.04","date":"2000-01-15T16:25:39"},{"date":"2000-01-22T16:14:25","version":"3.05"},{"version":"3.06","date":"2000-03-06T14:00:15"},{"version":"3.07","date":"2000-03-20T12:47:48"},{"date":"2000-05-23T10:59:19","version":"3.08"},{"version":"3.09","date":"2000-06-28T08:49:09"},{"version":"3.10","date":"2000-06-29T07:52:47"},{"date":"2000-08-22T10:04:28","version":"3.11"},{"date":"2000-09-14T18:22:47","version":"3.12"},{"version":"3.13","date":"2000-09-17T01:55:45"},{"version":"3.14","date":"2000-12-04T06:05:39"},{"date":"2000-12-26T09:04:53","version":"3.15"},{"version":"3.16","date":"2001-02-23T07:21:20"},{"date":"2001-02-24T06:32:38","version":"3.17"},{"version":"3.18","date":"2001-02-25T04:51:50"},{"version":"3.19","date":"2001-03-10T04:32:27"},{"version":"3.19_90","date":"2001-03-13T19:44:52"},{"date":"2001-03-16T02:29:32","version":"3.19"},{"version":"3.19_91","date":"2001-03-19T19:26:50"},{"version":"3.19_92","date":"2001-03-26T15:37:39"},{"version":"3.19_93","date":"2001-03-27T19:44:20"},{"version":"3.19_94","date":"2001-03-30T08:24:11"},{"version":"3.20","date":"2001-04-03T00:18:14"},{"version":"3.21","date":"2001-04-10T22:34:03"},{"date":"2001-04-18T05:31:23","version":"3.22"},{"date":"2001-05-02T04:18:51","version":"3.23"},{"date":"2001-05-05T06:18:21","version":"3.23"},{"version":"3.24","date":"2001-05-09T07:23:34"},{"date":"2001-05-11T17:26:39","version":"3.25"},{"date":"2001-06-12T08:35:06","version":"3.25"},{"version":"3.26","date":"2002-03-17T20:11:55"},{"date":"2003-01-18T13:08:01","version":"3.27"},{"version":"3.28","date":"2003-04-17T03:56:32"},{"version":"3.29","date":"2003-08-15T06:11:17"},{"date":"2003-08-18T05:48:21","version":"3.30"},{"version":"3.31","date":"2003-08-19T14:56:07"},{"date":"2003-10-10T14:31:48","version":"3.32"},{"version":"3.33","date":"2003-10-14T10:53:29"},{"version":"3.34","date":"2003-10-27T21:23:09"},{"version":"3.35","date":"2003-12-12T14:27:23"},{"version":"3.36","date":"2004-04-01T12:21:44"},{"version":"3.37","date":"2004-11-10T18:56:54"},{"date":"2004-11-11T10:19:56","version":"3.38"},{"version":"3.39_90","date":"2004-11-17T14:33:49"},{"date":"2004-11-23T11:46:30","version":"3.39_91"},{"version":"3.39_92","date":"2004-11-23T22:25:21"},{"version":"3.40","date":"2004-11-29T11:14:34"},{"version":"3.41","date":"2004-11-30T09:30:56"},{"version":"3.42","date":"2004-12-04T11:54:54"},{"date":"2004-12-06T09:19:28","version":"3.43"},{"date":"2004-12-28T14:07:28","version":"3.44"},{"date":"2005-01-06T09:09:45","version":"3.45"},{"date":"2005-10-24T12:34:04","version":"3.46"},{"version":"3.47","date":"2005-11-22T21:50:09"},{"date":"2005-12-02T17:41:00","version":"3.48"},{"version":"3.49","date":"2006-02-08T10:58:39"},{"version":"3.50","date":"2006-02-14T18:32:51"},{"date":"2006-03-22T09:26:15","version":"3.51"},{"date":"2006-04-26T08:43:13","version":"3.52"},{"date":"2006-04-27T11:55:34","version":"3.53"},{"date":"2006-04-28T08:21:04","version":"3.54"},{"version":"3.55","date":"2006-07-10T09:16:22"},{"version":"3.56","date":"2007-01-12T11:00:07"},{"version":"3.57","date":"2008-11-16T21:45:07"},{"date":"2008-11-17T11:35:37","version":"3.58"},{"date":"2008-11-24T09:15:09","version":"3.59"},{"version":"3.60","date":"2009-02-09T11:26:08"},{"version":"3.61","date":"2009-06-20T09:34:17"},{"version":"3.62","date":"2009-08-13T21:01:27"},{"version":"3.63","date":"2009-10-22T20:11:52"},{"version":"3.64","date":"2009-10-25T12:24:11"},{"date":"2010-04-04T20:44:00","version":"3.65"},{"date":"2010-07-09T13:27:13","version":"3.66"},{"version":"3.67","date":"2010-08-17T17:15:19"},{"version":"3.68","date":"2010-09-01T21:28:52"},{"date":"2011-10-15T15:35:01","version":"3.69"},{"version":"3.70","date":"2013-03-28T22:21:30"},{"version":"3.71","date":"2013-05-08T22:23:29"},{"version":"3.72","date":"2016-01-19T17:44:02"},{"version":"3.73","date":"2020-08-25T17:40:17"},{"version":"3.74","date":"2020-08-30T18:40:48"},{"version":"3.75","date":"2020-08-30T19:58:22"},{"version":"3.76","date":"2021-03-04T18:06:59"},{"version":"3.77","date":"2022-03-14T22:12:49"},{"version":"3.78","date":"2022-03-28T15:23:23"},{"date":"2022-10-12T15:41:58","version":"3.79"},{"version":"3.80","date":"2022-11-01T14:19:26"},{"date":"2023-01-31T03:13:18","version":"3.81"},{"version":"3.82","date":"2024-03-13T20:11:51"},{"version":"3.83","date":"2024-07-30T16:42:50"}],"main_module":"HTML::Parser","advisories":[{"fixed_versions":[],"distribution":"HTML-Parser","cves":["CVE-2009-3627"],"severity":null,"reported":"2009-10-29","id":"CPANSA-HTML-Parser-2009-3627","description":"The decode_entities function in util.c in HTML-Parser before 3.63 allows context-dependent attackers to cause a denial of service (infinite loop) via an incomplete SGML numeric character reference, which triggers generation of an invalid UTF-8 character.\n","affected_versions":["<3.63"],"references":["https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6225","http://www.openwall.com/lists/oss-security/2009/10/23/9","http://secunia.com/advisories/37155","http://www.securityfocus.com/bid/36807","https://bugzilla.redhat.com/show_bug.cgi?id=530604","http://www.vupen.com/english/advisories/2009/3022","http://github.com/gisle/html-parser/commit/b9aae1e43eb2c8e989510187cff0ba3e996f9a4c","https://exchange.xforce.ibmcloud.com/vulnerabilities/53941"]}]},"Filesys-SmbClientParser":{"advisories":[{"id":"CPANSA-Filesys-SmbClientParser-2008-3285","reported":"2008-07-24","description":"The Filesys::SmbClientParser module 2.7 and earlier for Perl allows remote SMB servers to execute arbitrary code via a folder name containing shell metacharacters.\n","affected_versions":["<=2.7"],"references":["http://www.securityfocus.com/bid/30290","http://secunia.com/advisories/31175","http://securityreason.com/securityalert/4027","https://exchange.xforce.ibmcloud.com/vulnerabilities/43910","http://www.securityfocus.com/archive/1/494536/100/0/threaded"],"severity":null,"distribution":"Filesys-SmbClientParser","cves":["CVE-2008-3285"],"fixed_versions":[]}],"main_module":"Filesys::SmbClientParser","versions":[{"version":"0.01","date":"2000-11-19T21:10:38"},{"version":"0.2","date":"2000-11-20T19:41:09"},{"date":"2001-01-12T00:31:50","version":"0.3"},{"date":"2001-04-15T22:37:14","version":"1.2"},{"date":"2001-04-19T17:38:19","version":"1.3"},{"date":"2001-05-30T08:04:44","version":"1.4"},{"version":"2.0","date":"2002-01-25T12:18:47"},{"date":"2002-04-19T21:56:09","version":"2.1"},{"version":"2.2","date":"2002-08-09T11:24:20"},{"version":"2.3","date":"2002-08-13T14:55:48"},{"date":"2002-11-08T23:57:07","version":"2.4"},{"version":"2.5","date":"2002-11-12T18:59:33"},{"version":"2.6","date":"2004-01-28T23:06:58"},{"date":"2004-04-14T21:56:02","version":"2.7"}]},"DBD-mysqlPP":{"main_module":"DBD::mysqlPP","advisories":[{"severity":"high","references":["https://metacpan.org/changes/distribution/DBD-mysqlPP","https://jvn.jp/en/jp/JVN51216285/index.html"],"affected_versions":["<0.93"],"description":"SQL injection.\n","reported":"2011-10-14","id":"CPANSA-DBD-mysqlPP-2011-01","fixed_versions":[">=0.03"],"distribution":"DBD-mysqlPP","cves":[]}],"versions":[{"date":"2002-04-04T07:20:36","version":"0.02"},{"version":"0.03","date":"2002-04-15T10:26:39"},{"date":"2003-01-24T11:14:14","version":"0.04"},{"date":"2011-10-21T23:07:07","version":"0.05"},{"date":"2011-10-26T22:17:22","version":"0.06"},{"version":"0.07","date":"2011-11-17T22:24:50"}]},"IO-Socket-SSL":{"main_module":"IO::Socket::SSL","advisories":[{"severity":null,"affected_versions":["<=1.35"],"references":["http://osvdb.org/69626","http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=606058","http://www.securityfocus.com/bid/45189","http://cpansearch.perl.org/src/SULLR/IO-Socket-SSL-1.35/Changes","http://secunia.com/advisories/42508","http://secunia.com/advisories/42757","http://www.openwall.com/lists/oss-security/2010/12/09/8","http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052594.html","http://www.openwall.com/lists/oss-security/2010/12/24/1","http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052601.html","http://www.mandriva.com/security/advisories?name=MDVSA-2011:092"],"id":"CPANSA-IO-Socket-SSL-2010-4334","reported":"2011-01-14","description":"The IO::Socket::SSL module 1.35 for Perl, when verify_mode is not VERIFY_NONE, fails open to VERIFY_NONE instead of throwing an error when a ca_file/ca_path cannot be verified, which allows remote attackers to bypass intended certificate restrictions.\n","fixed_versions":[">1.35"],"cves":["CVE-2010-4334"],"distribution":"IO-Socket-SSL"},{"severity":null,"description":"The verify_hostname_of_cert function in the certificate checking feature in IO-Socket-SSL (IO::Socket::SSL) 1.14 through 1.25 only matches the prefix of a hostname when no wildcard is used, which allows remote attackers to bypass the hostname check for a certificate.\n","reported":"2009-08-31","id":"CPANSA-IO-Socket-SSL-2009-3024","references":["http://www.openwall.com/lists/oss-security/2009/08/31/4","http://www.openwall.com/lists/oss-security/2009/08/28/1","http://cpansearch.perl.org/src/SULLR/IO-Socket-SSL-1.30/Changes","http://www.openwall.com/lists/oss-security/2009/08/29/1","http://lists.opensuse.org/opensuse-security-announce/2009-09/msg00001.html","http://www.vupen.com/english/advisories/2011/0118","http://www.gentoo.org/security/en/glsa/glsa-201101-06.xml","http://secunia.com/advisories/42893"],"affected_versions":[">=1.14","<=1.25"],"fixed_versions":[">=1.26"],"cves":["CVE-2009-3024"],"distribution":"IO-Socket-SSL"}],"versions":[{"version":"0.70","date":"1999-06-18T14:54:49"},{"date":"1999-07-21T19:45:05","version":"0.72"},{"date":"1999-07-29T17:28:04","version":"0.73"},{"version":"0.74","date":"2000-07-04T11:46:51"},{"date":"2000-08-08T06:59:10","version":"0.75"},{"date":"2000-11-17T14:26:45","version":"0.76"},{"version":"0.77","date":"2001-01-15T13:57:06"},{"date":"2001-04-24T07:00:38","version":"0.78"},{"version":"0.79","date":"2001-06-04T08:01:01"},{"version":"0.80","date":"2001-08-19T08:28:53"},{"version":"0.81","date":"2002-04-10T12:43:43"},{"version":"0.90","date":"2002-08-13T21:42:55"},{"date":"2002-08-19T15:28:09","version":"0.901"},{"version":"0.91","date":"2002-09-01T01:13:14"},{"date":"2002-10-22T06:15:30","version":"0.92"},{"date":"2003-06-24T19:24:37","version":"0.93"},{"date":"2003-06-26T19:41:04","version":"0.94"},{"version":"0.95","date":"2003-08-25T22:47:30"},{"version":"0.96","date":"2004-04-30T17:43:07"},{"date":"2005-07-17T09:20:02","version":"0.97"},{"version":"0.98","date":"2006-06-12T14:37:33"},{"date":"2006-06-12T14:48:30","version":"0.98"},{"date":"2006-07-17T15:05:06","version":"0.99"},{"version":"0.99","date":"2006-07-18T13:33:27"},{"version":"0.99","date":"2006-07-20T05:59:15"},{"date":"2006-07-20T08:35:45","version":"0.99"},{"version":"0.99","date":"2006-07-24T14:27:43"},{"date":"2006-08-02T07:30:04","version":"0.99"},{"date":"2006-08-02T07:37:59","version":"0.99"},{"date":"2006-08-02T20:43:25","version":"0.99"},{"date":"2006-08-11T10:01:10","version":"0.99"},{"version":"0.99","date":"2006-08-15T20:22:28"},{"date":"2006-09-12T14:16:38","version":"0.99"},{"version":"0.99","date":"2006-09-13T11:10:06"},{"date":"2006-12-01T09:57:52","version":"0.99"},{"date":"2007-03-06T18:12:09","version":"0.99"},{"date":"2007-03-28T19:06:21","version":"0.99"},{"date":"2007-04-16T19:35:58","version":"0.99"},{"date":"2007-04-30T07:45:00","version":"0.99"},{"version":"0.99","date":"2007-06-03T19:46:51"},{"version":"0.99","date":"2007-06-06T13:59:06"},{"date":"2007-08-10T09:07:39","version":"0.99"},{"date":"2007-09-13T19:40:43","version":"0.99"},{"version":"0.99","date":"2007-10-09T21:18:11"},{"date":"2007-10-10T18:49:29","version":"0.99"},{"date":"2007-10-26T06:29:26","version":"0.99"},{"version":"0.99","date":"2008-01-11T17:59:06"},{"date":"2008-01-28T06:44:08","version":"0.99"},{"date":"2008-02-22T09:07:12","version":"0.99"},{"date":"2008-02-24T09:42:37","version":"0.99"},{"version":"0.99","date":"2008-02-25T21:18:02"},{"date":"2008-03-10T08:46:06","version":"0.99"},{"date":"2008-07-16T09:27:07","version":"0.99"},{"date":"2008-08-28T20:03:28","version":"0.99"},{"date":"2008-09-19T06:34:13","version":"0.99"},{"date":"2008-09-19T16:54:30","version":"0.99"},{"version":"0.99","date":"2008-09-24T07:52:48"},{"version":"0.99","date":"2008-09-25T09:24:39"},{"date":"2008-10-13T09:06:13","version":"0.99"},{"version":"0.99","date":"2008-11-17T17:21:39"},{"date":"2008-12-31T14:47:59","version":"0.99"},{"version":"0.99","date":"2009-01-15T20:52:54"},{"version":"0.99","date":"2009-01-22T20:59:47"},{"version":"0.99","date":"2009-01-24T06:34:00"},{"version":"1.23","date":"2009-02-23T09:59:39"},{"date":"2009-04-01T08:02:14","version":"1.24"},{"version":"1.25","date":"2009-07-02T18:15:35"},{"version":"1.26","date":"2009-07-03T07:36:23"},{"version":"1.27","date":"2009-07-24T06:37:32"},{"version":"1.28","date":"2009-08-19T10:46:35"},{"date":"2009-08-19T10:54:30","version":"1.29"},{"date":"2009-08-19T14:41:37","version":"1.30"},{"date":"2009-09-01T07:44:10","version":"1.30_2"},{"date":"2009-09-02T05:57:30","version":"1.30_3"},{"version":"1.31","date":"2009-09-25T19:10:53"},{"version":"1.32","date":"2010-02-22T09:39:43"},{"date":"2010-03-17T12:53:27","version":"1.33"},{"version":"1.34","date":"2010-11-01T08:55:36"},{"date":"2010-12-06T08:16:23","version":"1.35"},{"version":"1.36","date":"2010-12-08T19:28:31"},{"date":"2010-12-09T08:38:47","version":"1.37"},{"version":"1.38","date":"2011-01-18T08:45:03"},{"date":"2011-03-03T11:39:29","version":"1.39"},{"date":"2011-05-02T10:32:52","version":"1.40"},{"version":"1.41","date":"2011-05-10T05:14:22"},{"date":"2011-05-10T14:15:57","version":"1.42"},{"date":"2011-05-11T08:23:15","version":"1.43"},{"version":"1.43_1","date":"2011-05-12T19:35:25"},{"version":"1.44","date":"2011-05-27T11:46:14"},{"date":"2011-10-13T08:42:32","version":"1.45"},{"date":"2011-10-18T06:30:07","version":"1.46"},{"date":"2011-10-21T07:09:03","version":"1.47"},{"version":"1.48","date":"2011-10-26T16:35:42"},{"version":"1.49","date":"2011-10-28T08:26:49"},{"date":"2011-12-06T21:14:17","version":"1.50"},{"date":"2011-12-06T21:25:05","version":"1.51"},{"date":"2011-12-07T08:12:01","version":"1.52"},{"date":"2011-12-11T21:45:13","version":"1.53"},{"version":"1.54","date":"2012-01-11T08:15:23"},{"version":"1.55","date":"2012-02-20T06:49:04"},{"version":"1.56","date":"2012-02-22T15:49:39"},{"date":"2012-02-26T21:57:54","version":"1.57"},{"date":"2012-02-26T22:09:30","version":"1.58"},{"date":"2012-03-08T10:44:05","version":"1.59"},{"date":"2012-03-20T18:59:41","version":"1.60"},{"date":"2012-03-27T14:34:36","version":"1.61"},{"version":"1.62","date":"2012-03-28T05:53:19"},{"date":"2012-04-06T20:33:58","version":"1.63"},{"date":"2012-04-06T21:04:54","version":"1.64"},{"version":"1.65","date":"2012-04-16T16:51:54"},{"date":"2012-04-16T18:52:52","version":"1.66"},{"date":"2012-05-07T09:39:11","version":"1.67"},{"date":"2012-05-07T13:01:38","version":"1.68"},{"date":"2012-05-08T08:24:35","version":"1.69"},{"date":"2012-05-08T09:18:24","version":"1.70"},{"date":"2012-05-09T08:41:48","version":"1.71"},{"date":"2012-05-10T11:10:15","version":"1.72"},{"date":"2012-05-11T19:29:42","version":"1.73"},{"version":"1.74","date":"2012-05-13T15:19:26"},{"version":"1.74_1","date":"2012-06-07T17:42:47"},{"date":"2012-06-07T21:59:28","version":"1.74_2"},{"version":"1.75","date":"2012-06-15T12:42:21"},{"version":"1.76","date":"2012-06-18T06:20:09"},{"version":"1.77","date":"2012-10-05T05:36:56"},{"version":"1.78","date":"2012-11-25T14:08:27"},{"version":"1.79","date":"2012-11-25T15:50:09"},{"version":"1.80","date":"2012-11-30T07:47:23"},{"version":"1.81","date":"2012-12-06T09:14:04"},{"date":"2013-01-28T07:41:50","version":"1.82"},{"date":"2013-02-03T19:04:27","version":"1.83"},{"version":"1.831","date":"2013-02-14T08:05:20"},{"version":"1.84","date":"2013-02-15T20:48:12"},{"version":"1.85","date":"2013-04-14T08:59:30"},{"version":"1.86","date":"2013-04-17T11:31:18"},{"version":"1.87","date":"2013-04-24T18:16:01"},{"version":"1.88","date":"2013-05-02T05:59:47"},{"version":"1.89","date":"2013-05-14T13:36:49"},{"version":"1.90","date":"2013-05-29T18:58:35"},{"date":"2013-05-30T09:36:07","version":"1.91"},{"version":"1.92","date":"2013-05-30T19:20:11"},{"version":"1.93","date":"2013-05-31T06:14:58"},{"version":"1.94","date":"2013-06-01T12:46:14"},{"version":"1.950","date":"2013-07-03T08:44:53"},{"date":"2013-07-03T10:02:42","version":"1.951"},{"version":"1.952","date":"2013-07-11T20:14:18"},{"version":"1.953","date":"2013-07-22T06:34:31"},{"date":"2013-09-15T13:05:33","version":"1.954"},{"version":"1.955","date":"2013-10-11T16:54:45"},{"date":"2013-11-10T18:00:08","version":"1.956"},{"version":"1.957","date":"2013-11-11T08:42:30"},{"date":"2013-11-11T18:28:16","version":"1.958"},{"version":"1.959","date":"2013-11-12T15:39:42"},{"date":"2013-11-13T00:10:43","version":"1.960"},{"date":"2013-11-26T14:47:11","version":"1.961"},{"version":"1.962","date":"2013-11-27T21:19:25"},{"date":"2014-01-13T13:05:48","version":"1.963"},{"date":"2014-01-15T11:36:49","version":"1.964"},{"date":"2014-01-16T19:11:32","version":"1.965"},{"date":"2014-01-21T16:53:39","version":"1.966"},{"version":"1.967","date":"2014-02-06T22:06:14"},{"version":"1.968","date":"2014-03-13T06:38:27"},{"date":"2014-03-16T16:41:39","version":"1.969"},{"date":"2014-03-19T05:04:51","version":"1.970"},{"date":"2014-03-22T19:54:06","version":"1.971"},{"date":"2014-03-23T06:48:23","version":"1.972"},{"version":"1.973","date":"2014-03-26T07:10:22"},{"version":"1.974","date":"2014-04-02T06:53:53"},{"version":"1.975","date":"2014-04-02T10:14:38"},{"date":"2014-04-04T04:36:04","version":"1.976"},{"date":"2014-04-04T13:25:28","version":"1.977"},{"date":"2014-04-04T14:21:32","version":"1.978"},{"date":"2014-04-06T06:24:29","version":"1.979"},{"version":"1.980","date":"2014-04-08T01:25:10"},{"version":"1.981","date":"2014-04-08T11:09:59"},{"date":"2014-04-24T20:14:47","version":"1.982"},{"version":"1.982_1","date":"2014-04-27T12:02:16"},{"version":"1.983","date":"2014-05-04T08:03:37"},{"version":"1.984","date":"2014-05-10T13:11:17"},{"date":"2014-05-15T06:30:28","version":"1.985"},{"version":"1.986","date":"2014-05-16T17:41:46"},{"version":"1.987","date":"2014-05-17T15:03:37"},{"version":"1.988","date":"2014-05-17T22:15:10"},{"version":"1.989","date":"2014-05-24T08:16:00"},{"date":"2014-05-26T05:46:04","version":"1.989_1"},{"date":"2014-05-27T11:00:11","version":"1.990"},{"version":"1.991","date":"2014-05-27T19:43:31"},{"date":"2014-06-01T21:47:49","version":"1.992"},{"version":"1.993","date":"2014-06-13T20:45:52"},{"date":"2014-06-22T09:53:11","version":"1.994"},{"date":"2014-07-11T21:50:48","version":"1.995"},{"date":"2014-07-12T11:49:12","version":"1.996"},{"date":"2014-07-12T17:24:04","version":"1.997"},{"version":"1.998","date":"2014-09-07T14:59:47"},{"date":"2014-10-09T19:56:19","version":"1.999"},{"date":"2014-10-16T05:05:11","version":"2.000"},{"version":"2.001","date":"2014-10-21T09:46:39"},{"version":"2.002","date":"2014-10-21T21:00:54"},{"version":"2.003","date":"2014-11-14T20:12:08"},{"date":"2014-11-15T10:05:06","version":"2.004"},{"version":"2.004_1","date":"2014-11-15T10:14:17"},{"version":"2.005","date":"2014-11-15T16:29:13"},{"version":"2.005_1","date":"2014-11-15T16:34:37"},{"version":"2.006","date":"2014-11-22T20:51:08"},{"date":"2014-11-26T22:00:05","version":"2.007"},{"version":"2.008","date":"2014-12-16T06:36:16"},{"date":"2015-01-12T10:48:21","version":"2.009"},{"version":"2.010","date":"2015-01-14T20:13:41"},{"date":"2015-02-01T16:00:22","version":"2.011"},{"date":"2015-02-02T07:46:57","version":"2.012"},{"version":"2.013","date":"2015-05-01T15:39:14"},{"version":"2.014","date":"2015-05-05T06:31:37"},{"date":"2015-05-13T20:43:55","version":"2.015"},{"version":"2.015_001","date":"2015-05-26T21:15:38"},{"date":"2015-05-27T05:39:14","version":"2.015_002"},{"date":"2015-05-27T17:24:09","version":"2.015_003"},{"version":"2.015_004","date":"2015-05-28T07:07:25"},{"date":"2015-05-29T06:01:37","version":"2.015_005"},{"version":"2.015_006","date":"2015-06-02T19:35:20"},{"version":"2.016","date":"2015-06-02T20:41:45"},{"version":"2.016_001","date":"2015-06-04T14:38:29"},{"date":"2015-06-14T17:05:06","version":"2.016_002"},{"version":"2.017","date":"2015-08-24T15:45:30"},{"date":"2015-08-27T11:31:55","version":"2.018"},{"version":"2.019","date":"2015-09-01T05:32:47"},{"version":"2.020","date":"2015-09-20T10:33:59"},{"version":"2.021","date":"2015-12-02T19:55:29"},{"date":"2015-12-10T07:12:46","version":"2.022"},{"version":"2.023","date":"2016-01-30T11:12:14"},{"version":"2.024","date":"2016-02-06T19:38:18"},{"version":"2.025","date":"2016-04-04T07:23:02"},{"date":"2016-04-20T06:11:37","version":"2.026"},{"version":"2.027","date":"2016-04-20T14:22:50"},{"version":"2.028","date":"2016-06-27T14:22:02"},{"date":"2016-06-27T15:53:16","version":"2.029"},{"version":"2.030","date":"2016-07-08T08:53:04"},{"version":"2.031","date":"2016-07-08T11:40:31"},{"date":"2016-07-12T13:12:57","version":"2.032"},{"date":"2016-07-15T09:00:38","version":"2.033"},{"date":"2016-08-08T08:19:05","version":"2.034"},{"date":"2016-08-11T14:25:18","version":"2.035"},{"date":"2016-08-11T19:03:38","version":"2.036"},{"date":"2016-08-22T17:39:32","version":"2.037"},{"version":"2.038","date":"2016-09-17T09:36:29"},{"date":"2016-11-20T21:01:59","version":"2.039"},{"version":"2.040","date":"2016-12-17T15:18:35"},{"date":"2017-01-04T05:17:55","version":"2.041"},{"date":"2017-01-05T18:32:13","version":"2.042"},{"version":"2.043","date":"2017-01-06T13:27:56"},{"version":"2.044","date":"2017-01-26T10:46:57"},{"date":"2017-02-13T15:26:59","version":"2.045"},{"date":"2017-02-15T18:41:05","version":"2.046"},{"date":"2017-02-16T19:01:01","version":"2.047"},{"date":"2017-04-16T18:33:09","version":"2.048"},{"date":"2017-06-12T05:15:34","version":"2.049"},{"version":"2.050","date":"2017-08-18T06:07:18"},{"version":"2.051","date":"2017-09-05T09:28:25"},{"version":"2.052","date":"2017-10-22T08:48:29"},{"date":"2018-01-21T19:41:38","version":"2.053"},{"version":"2.054","date":"2018-01-22T05:11:45"},{"date":"2018-02-15T13:45:54","version":"2.055"},{"date":"2018-02-19T06:35:28","version":"2.056"},{"date":"2018-07-18T19:16:28","version":"2.057"},{"version":"2.058","date":"2018-07-19T07:54:24"},{"date":"2018-08-15T16:13:05","version":"2.059"},{"version":"2.060","date":"2018-09-16T19:15:07"},{"version":"2.061","date":"2019-02-23T02:08:16"},{"version":"2.062","date":"2019-02-24T00:14:55"},{"version":"2.063","date":"2019-03-01T14:48:40"},{"version":"2.064","date":"2019-03-04T12:28:12"},{"version":"2.065","date":"2019-03-05T18:50:40"},{"date":"2019-03-06T06:55:56","version":"2.066"},{"version":"2.067","date":"2020-02-14T17:49:51"},{"date":"2020-03-31T06:15:39","version":"2.068"},{"date":"2021-01-22T16:55:49","version":"2.069"},{"version":"2.070","date":"2021-02-26T08:03:24"},{"date":"2021-05-23T08:12:02","version":"2.071"},{"date":"2021-08-16T13:06:40","version":"2.072"},{"date":"2021-12-22T19:30:42","version":"2.073"},{"date":"2022-01-07T15:09:53","version":"2.074"},{"version":"2.075","date":"2022-09-02T18:18:33"},{"date":"2022-11-14T13:41:15","version":"2.076"},{"date":"2022-11-21T11:44:16","version":"2.077"},{"date":"2022-12-11T20:10:13","version":"2.078"},{"version":"2.079","date":"2023-01-16T06:28:01"},{"version":"2.080","date":"2023-01-18T16:28:53"},{"version":"2.081","date":"2023-01-25T10:49:10"},{"version":"2.082","date":"2023-05-17T20:41:22"},{"date":"2023-05-18T09:15:20","version":"2.083"},{"date":"2023-11-06T21:02:36","version":"2.084"},{"version":"2.085","date":"2024-01-22T19:07:08"},{"date":"2024-07-03T12:14:36","version":"2.086"},{"version":"2.087","date":"2024-07-08T05:33:53"},{"date":"2024-07-14T05:05:54","version":"2.088"},{"version":"2.089","date":"2024-08-29T14:46:00"}]},"Proc-ProcessTable":{"main_module":"Proc::ProcessTable","advisories":[{"fixed_versions":[">=0.47"],"cves":["CVE-2011-4363"],"distribution":"Proc-ProcessTable","severity":null,"references":["http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=650500","http://www.osvdb.org/77428","http://www.openwall.com/lists/oss-security/2011/11/30/2","http://www.securityfocus.com/bid/50868","https://rt.cpan.org/Public/Bug/Display.html?id=72862","http://www.openwall.com/lists/oss-security/2011/11/30/3","http://secunia.com/advisories/47015","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-4363"],"affected_versions":[">=0.45,<0.47"],"description":"ProcessTable.pm in the Proc::ProcessTable module 0.45 for Perl, when TTY information caching is enabled, allows local users to overwrite arbitrary files via a symlink attack on /tmp/TTYDEVS.\n","reported":"2012-10-07","id":"CPANSA-Proc-ProcessTable-2011-4363"}],"versions":[{"version":"0.01","date":"1998-07-23T12:59:39"},{"date":"1998-07-24T12:50:40","version":"0.02"},{"date":"1998-07-26T13:18:26","version":"0.03"},{"date":"1998-08-15T21:22:20","version":"0.04"},{"version":"0.05","date":"1998-12-09T23:53:30"},{"date":"1998-12-10T04:51:19","version":"0.06"},{"version":"0.08","date":"1999-02-05T03:21:51"},{"version":"0.09","date":"1999-02-20T04:27:53"},{"date":"1999-02-20T16:36:14","version":"0.10"},{"version":"0.11","date":"1999-03-07T00:16:52"},{"date":"1999-03-21T16:07:46","version":"0.12"},{"date":"1999-05-14T02:10:41","version":"0.13"},{"version":"0.14","date":"1999-05-16T01:22:45"},{"date":"1999-06-02T02:39:22","version":"0.15"},{"date":"1999-08-10T03:45:58","version":"0.16"},{"date":"1999-08-19T15:45:19","version":"0.17"},{"version":"0.18","date":"1999-08-19T17:44:22"},{"date":"1999-09-09T02:45:48","version":"0.20"},{"date":"1999-09-10T16:51:02","version":"0.21"},{"date":"1999-10-05T12:34:33","version":"0.22"},{"date":"1999-11-01T13:55:15","version":"0.23"},{"date":"2000-01-20T20:57:35","version":"0.24"},{"version":"0.25","date":"2000-02-03T16:28:46"},{"version":"0.26","date":"2000-02-11T21:56:23"},{"version":"0.27","date":"2000-06-29T12:38:46"},{"version":"0.28","date":"2000-08-14T09:25:19"},{"date":"2001-01-09T12:47:49","version":"0.29"},{"version":"0.30","date":"2001-03-08T02:57:16"},{"version":"0.31","date":"2001-06-01T12:39:15"},{"date":"2001-08-20T02:41:52","version":"0.32"},{"date":"2001-10-16T13:32:04","version":"0.33"},{"version":"0.34","date":"2002-02-25T03:17:15"},{"version":"0.35","date":"2002-07-03T04:31:57"},{"version":"0.36","date":"2002-11-08T02:31:59"},{"version":"0.37","date":"2002-11-08T14:59:11"},{"version":"0.38","date":"2002-12-07T03:33:51"},{"date":"2003-10-03T17:45:51","version":"0.39"},{"version":"0.40","date":"2005-07-11T01:33:32"},{"version":"0.41","date":"2006-07-01T04:27:59"},{"version":"0.42","date":"2008-01-26T05:34:53"},{"version":"0.43","date":"2008-07-18T04:05:51"},{"date":"2008-07-25T14:29:08","version":"0.44"},{"version":"0.45","date":"2008-09-08T15:39:40"},{"version":"0.46","date":"2012-10-19T13:58:48"},{"version":"0.47","date":"2013-02-16T16:06:35"},{"version":"0.48","date":"2013-05-26T22:20:21"},{"date":"2013-12-05T23:31:39","version":"0.49"},{"version":"0.50","date":"2013-12-15T15:47:54"},{"version":"0.50_01","date":"2014-05-17T21:03:43"},{"date":"2014-10-17T22:56:58","version":"0.51"},{"version":"0.52","date":"2015-08-23T10:12:37"},{"date":"2015-08-24T19:36:41","version":"0.53"},{"date":"2018-02-01T21:02:36","version":"0.54"},{"date":"2018-02-01T21:57:51","version":"0.55"},{"version":"0.56","date":"2019-02-07T22:38:02"},{"date":"2019-06-14T21:16:11","version":"0.56_01"},{"version":"0.56_02","date":"2019-06-15T11:28:52"},{"version":"0.57","date":"2019-06-15T18:56:51"},{"date":"2019-06-15T19:20:02","version":"0.58"},{"date":"2019-06-20T19:35:05","version":"0.59"},{"version":"0.60","date":"2021-08-14T16:19:38"},{"date":"2021-08-17T22:50:12","version":"0.61"},{"date":"2021-08-18T06:57:20","version":"0.611"},{"version":"0.612","date":"2021-09-08T10:39:21"},{"version":"0.62","date":"2021-09-13T14:03:14"},{"date":"2021-09-26T21:58:24","version":"0.631"},{"date":"2021-09-26T22:35:32","version":"0.632"},{"version":"0.633","date":"2021-09-26T23:01:20"},{"date":"2021-09-26T23:04:23","version":"0.634"},{"version":"0.635","date":"2023-05-08T06:51:59"},{"date":"2023-06-21T06:25:43","version":"0.636"}]},"CGI-Application-Plugin-RunmodeDeclare":{"versions":[{"version":"0.01","date":"2008-09-26T19:59:14"},{"version":"0.02","date":"2008-09-26T21:37:11"},{"date":"2008-10-19T23:22:06","version":"0.03"},{"date":"2008-10-23T14:18:23","version":"0.03_01"},{"date":"2008-10-24T13:32:43","version":"0.03_02"},{"date":"2008-10-24T16:20:27","version":"0.03_03"},{"version":"0.04","date":"2008-10-25T10:54:25"},{"date":"2008-10-25T11:46:28","version":"0.05"},{"version":"0.06","date":"2008-10-25T16:39:34"},{"version":"0.07","date":"2009-01-10T02:32:39"},{"version":"0.08","date":"2009-05-17T22:29:18"},{"version":"0.09","date":"2010-01-07T13:24:09"},{"version":"0.10","date":"2012-02-10T00:53:54"}],"advisories":[{"fixed_versions":[">=0.03"],"cves":[],"distribution":"CGI-Application-Plugin-RunmodeDeclare","affected_versions":["<0.03"],"references":["https://metacpan.org/changes/distribution/CGI-Application-Plugin-RunmodeDeclare"],"reported":"2008-10-20","id":"CPANSA-CGI-Application-Plugin-RunmodeDeclare-2008-01","description":"Wrong order of arguments.\n"}],"main_module":"CGI::Application::Plugin::RunmodeDeclare"},"CGI":{"versions":[{"version":"2.10","date":"1995-11-25T09:21:00"},{"date":"1995-12-28T09:08:00","version":"2.13"},{"version":"2.20","date":"1996-05-22T22:30:00"},{"version":"2.21","date":"1996-05-31T05:31:00"},{"date":"1996-08-07T09:24:00","version":"2.22"},{"version":"2.23","date":"1996-08-14T08:17:00"},{"version":"2.24","date":"1996-08-21T09:09:00"},{"date":"1996-09-10T14:23:00","version":"2.25"},{"version":"2.26","date":"1996-10-22T11:17:00"},{"version":"2.27","date":"1996-10-24T18:21:00"},{"version":"2.28","date":"1996-12-02T11:48:00"},{"version":"2.29","date":"1996-12-09T13:39:00"},{"version":"2.30","date":"1997-01-02T16:40:00"},{"date":"1997-02-15T15:36:00","version":"2.31"},{"version":"2.32","date":"1997-03-25T08:58:00"},{"version":"2.33","date":"1997-04-04T20:45:00"},{"date":"1997-04-10T15:41:00","version":"2.34"},{"date":"1997-04-20T18:29:00","version":"2.35"},{"version":"2.36","date":"1997-05-09T09:33:00"},{"date":"1997-08-29T04:42:00","version":"2.37"},{"version":"2.37","date":"1997-09-15T17:51:00"},{"version":"2.37","date":"1997-10-01T04:15:00"},{"version":"2.37","date":"1997-10-12T07:10:00"},{"date":"1997-11-23T11:37:00","version":"2.37"},{"date":"1997-12-20T09:57:00","version":"2.37"},{"version":"2.37","date":"1998-01-16T12:22:00"},{"date":"1998-01-19T11:34:00","version":"2.37"},{"version":"2.37","date":"1998-01-26T11:00:00"},{"date":"1998-01-29T19:48:00","version":"2.37"},{"version":"2.37","date":"1998-02-02T13:37:00"},{"version":"2.37","date":"1998-02-05T08:25:00"},{"date":"1998-02-09T13:58:00","version":"2.37"},{"date":"1998-02-16T16:21:00","version":"2.37"},{"date":"1998-02-23T08:33:00","version":"2.37"},{"version":"2.37","date":"1998-02-24T16:52:00"},{"date":"1998-03-13T15:33:00","version":"2.37"},{"date":"1998-03-22T21:12:00","version":"2.38"},{"date":"1998-03-24T22:37:08","version":"2.39"},{"version":"2.40","date":"1998-05-20T09:17:00"},{"version":"2.41","date":"1998-05-28T15:03:00"},{"version":"2.42","date":"1998-06-09T09:00:00"},{"date":"1998-10-14T19:06:31","version":"2.43"},{"version":"2.44","date":"1998-11-24T19:41:41"},{"version":"2.45","date":"1998-11-26T11:07:27"},{"version":"2.46","date":"1998-12-06T10:22:46"},{"version":"2.47","date":"1999-02-18T03:50:16"},{"date":"1999-02-19T14:10:25","version":"2.48"},{"version":"2.49","date":"1999-02-23T22:00:33"},{"version":"2.52","date":"1999-06-08T15:13:15"},{"date":"1999-06-09T14:56:06","version":"2.53"},{"version":"2.54","date":"1999-08-09T14:18:33"},{"date":"1999-08-31T17:11:00","version":"2.55"},{"date":"1999-09-13T21:11:51","version":"2.56"},{"version":"2.58","date":"2000-03-23T23:00:12"},{"date":"2000-03-24T12:31:52","version":"2.59"},{"date":"2000-03-27T22:11:34","version":"2.60"},{"version":"2.61","date":"2000-03-28T02:50:18"},{"version":"2.62","date":"2000-03-28T21:38:03"},{"version":"2.63","date":"2000-04-10T15:19:54"},{"date":"2000-04-11T15:25:13","version":"2.64"},{"date":"2000-04-11T15:55:40","version":"2.65"},{"date":"2000-04-12T20:16:46","version":"2.66"},{"version":"2.67","date":"2000-05-16T01:38:08"},{"version":"2.68","date":"2000-05-18T17:55:55"},{"date":"2000-07-28T03:06:11","version":"2.69"},{"date":"2000-08-04T19:37:27","version":"2.70"},{"version":"2.71","date":"2000-08-13T16:09:25"},{"date":"2000-08-20T17:35:50","version":"2.72"},{"version":"3.","date":"2000-08-24T13:33:37"},{"date":"2000-09-13T02:55:51","version":"2.73"},{"version":"2.74","date":"2000-09-13T16:35:14"},{"version":"2.75","date":"2001-02-02T15:43:07"},{"date":"2001-02-02T15:50:53","version":"2.751"},{"version":"2.752","date":"2001-02-04T23:49:27"},{"version":"2.753","date":"2001-03-12T17:00:13"},{"date":"2001-06-15T15:33:28","version":"3.02"},{"version":"3.02_","date":"2001-06-29T14:47:39"},{"version":"3.03_01","date":"2001-07-05T16:13:55"},{"version":"2.76","date":"2001-07-26T21:29:22"},{"version":"2.77","date":"2001-08-07T12:33:22"},{"date":"2001-09-26T02:26:36","version":"2.78"},{"version":"2.79","date":"2001-12-09T21:39:11"},{"date":"2002-01-12T02:47:17","version":"2.80"},{"date":"2002-04-10T19:39:49","version":"2.81"},{"date":"2002-09-11T12:27:48","version":"2.84"},{"version":"2.85","date":"2002-09-11T14:01:02"},{"version":"2.86","date":"2002-09-12T03:58:40"},{"date":"2002-10-07T02:00:58","version":"2.87"},{"date":"2002-10-14T13:58:09","version":"2.88"},{"date":"2002-10-16T17:50:26","version":"2.89"},{"date":"2002-11-22T23:03:39","version":0},{"version":"2.90","date":"2003-02-10T20:11:57"},{"version":"2.91","date":"2003-02-11T14:15:15"},{"version":"2.92","date":"2003-04-28T00:44:10"},{"date":"2003-04-28T13:37:43","version":"2.93"},{"version":"2.94","date":"2003-06-09T12:15:29"},{"date":"2003-06-13T02:35:42","version":"2.95"},{"date":"2003-06-16T18:42:38","version":"2.96"},{"date":"2003-06-17T23:32:52","version":"2.97"},{"date":"2003-07-16T17:06:29","version":"2.98"},{"version":"2.99","date":"2003-08-01T14:43:54"},{"date":"2003-08-18T17:51:48","version":"3.00"},{"version":"3.01","date":"2003-12-10T17:05:47"},{"date":"2004-01-13T16:34:47","version":"3.03"},{"date":"2004-01-19T12:44:30","version":"3.04"},{"date":"2004-04-12T20:39:57","version":"3.05"},{"version":"3.06","date":"2005-03-09T21:06:46"},{"date":"2005-03-14T16:34:03","version":"3.07"},{"date":"2005-04-20T15:31:11","version":"3.08"},{"version":"3.09","date":"2005-05-05T20:16:55"},{"date":"2005-05-13T21:48:46","version":"3.10"},{"version":"3.11","date":"2005-08-03T21:17:14"},{"date":"2005-12-04T16:46:53","version":"3.12"},{"version":"3.13","date":"2005-12-05T13:54:26"},{"date":"2005-12-06T22:14:19","version":"3.14"},{"date":"2005-12-07T20:16:49","version":"3.15"},{"version":"3.16","date":"2006-02-08T18:50:56"},{"date":"2006-02-24T19:04:58","version":"3.17"},{"date":"2006-04-17T13:56:06","version":"3.19"},{"version":"3.20","date":"2006-04-23T14:27:55"},{"date":"2006-08-21T19:12:36","version":"3.21"},{"version":"3.22","date":"2006-08-23T15:24:41"},{"date":"2006-08-24T11:53:26","version":"3.23"},{"date":"2006-09-28T17:09:45","version":"3.25"},{"version":"3.27","date":"2007-02-27T15:42:54"},{"date":"2007-03-29T15:38:01","version":"3.28"},{"version":"3.29","date":"2007-04-16T17:00:18"},{"date":"2007-11-30T19:06:19","version":"3.31"},{"date":"2007-12-27T18:41:32","version":"3.32"},{"date":"2008-01-03T15:03:17","version":"3.33"},{"date":"2008-03-18T16:04:41","version":"3.34"},{"date":"2008-03-27T14:26:48","version":"3.35"},{"date":"2008-04-23T13:09:44","version":"3.37"},{"date":"2008-06-25T14:58:32","version":"3.38"},{"date":"2008-07-29T15:01:52","version":"3.39"},{"version":"3.40","date":"2008-08-06T18:21:51"},{"date":"2008-08-26T13:56:27","version":"3.41"},{"date":"2008-09-08T14:15:41","version":"3.42"},{"date":"2009-04-06T18:35:19","version":"3.43"},{"version":"3.44","date":"2009-07-30T16:34:17"},{"version":"3.45","date":"2009-08-14T13:37:12"},{"version":"3.46","date":"2009-09-09T15:39:42"},{"date":"2009-09-09T20:03:01","version":"3.47"},{"date":"2009-09-25T15:07:03","version":"3.48"},{"date":"2010-02-05T16:24:53","version":"3.49"},{"version":"3.50","date":"2010-11-08T21:53:26"},{"version":"3.51","date":"2011-01-05T18:28:41"},{"version":"3.52","date":"2011-01-25T04:30:05"},{"version":"3.53","date":"2011-04-25T23:01:21"},{"date":"2011-04-28T14:36:41","version":"3.54"},{"date":"2011-06-03T15:39:16","version":"3.55"},{"version":"3.56","date":"2011-11-09T02:00:20"},{"date":"2011-11-09T15:59:18","version":"3.57"},{"date":"2011-11-12T03:36:07","version":"3.58"},{"version":"3.59","date":"2011-12-30T13:35:35"},{"date":"2012-08-16T03:21:13","version":"3.60"},{"version":"3.61","date":"2012-11-03T02:10:42"},{"version":"3.62","date":"2012-11-10T01:40:50"},{"version":"3.63","date":"2012-11-14T23:45:29"},{"date":"2013-11-24T01:22:00","version":"3.64"},{"date":"2014-02-12T03:13:58","version":"3.65"},{"date":"2014-05-15T12:59:58","version":"3.65_01"},{"version":"3.65_02","date":"2014-05-16T11:43:33"},{"date":"2014-05-20T12:31:46","version":"3.65_03"},{"version":"4.00","date":"2014-05-22T19:58:14"},{"date":"2014-05-27T13:13:51","version":"4.01"},{"date":"2014-06-09T13:55:49","version":"4.02"},{"version":"4.03","date":"2014-07-02T14:53:06"},{"version":"4.03_01","date":"2014-07-28T18:30:34"},{"version":"4.03_02","date":"2014-07-30T14:26:40"},{"date":"2014-08-13T11:40:14","version":"4.03_03"},{"version":"4.04","date":"2014-09-04T14:42:14"},{"version":"4.04_01","date":"2014-09-20T16:08:55"},{"version":"4.04_02","date":"2014-09-28T19:57:05"},{"version":"4.04_03","date":"2014-09-29T09:50:07"},{"date":"2014-10-06T12:01:14","version":"4.04_04"},{"date":"2014-10-06T12:24:10","version":"4.04_05"},{"date":"2014-10-08T07:42:49","version":"4.05"},{"version":"4.06","date":"2014-10-10T11:35:49"},{"date":"2014-10-12T16:29:35","version":"4.07"},{"version":"4.08","date":"2014-10-18T11:00:38"},{"version":"4.09","date":"2014-10-21T07:33:36"},{"date":"2014-11-25T21:06:50","version":"4.09_01"},{"version":"4.10","date":"2014-11-27T12:53:51"},{"date":"2014-11-30T12:12:26","version":"4.10_01"},{"version":"4.11","date":"2014-12-03T07:25:15"},{"date":"2014-12-18T08:35:52","version":"4.12"},{"version":"4.13","date":"2014-12-18T09:21:52"},{"version":"4.13_01","date":"2015-02-12T14:19:13"},{"version":"4.13_02","date":"2015-02-13T08:01:29"},{"date":"2015-03-01T13:28:25","version":"4.13_03"},{"version":"4.13_04","date":"2015-03-08T16:09:21"},{"version":"4.13_05","date":"2015-03-25T17:55:15"},{"version":"4.14","date":"2015-04-01T06:51:57"},{"date":"2015-04-17T14:27:39","version":"4.14_01"},{"version":"4.15","date":"2015-04-20T07:15:45"},{"version":"4.20","date":"2015-05-29T14:48:42"},{"date":"2015-06-22T07:50:02","version":"4.21"},{"date":"2015-10-16T09:46:31","version":"4.22"},{"version":"4.24","date":"2015-12-20T18:33:35"},{"date":"2015-12-21T09:29:19","version":"4.25"},{"date":"2016-02-04T16:37:12","version":"4.26"},{"date":"2016-03-02T08:03:46","version":"4.27"},{"version":"4.28","date":"2016-03-14T07:21:48"},{"version":"4.28_01","date":"2016-05-22T12:23:19"},{"date":"2016-05-22T12:54:23","version":"4.28_02"},{"version":"4.28_03","date":"2016-05-23T08:25:25"},{"version":"4.29","date":"2016-06-09T12:01:20"},{"date":"2016-06-09T12:11:54","version":"4.30"},{"version":"4.31","date":"2016-06-14T07:14:00"},{"date":"2016-07-19T07:05:46","version":"4.32"},{"version":"4.33","date":"2016-09-16T09:47:49"},{"version":"4.34","date":"2016-10-13T11:58:55"},{"version":"4.35","date":"2016-10-13T13:56:21"},{"version":"4.35_01","date":"2017-03-29T08:56:26"},{"version":"4.36","date":"2017-04-06T14:42:12"},{"version":"4.37","date":"2017-11-01T10:17:40"},{"date":"2017-12-01T08:41:02","version":"4.38"},{"version":"4.39","date":"2018-08-13T15:57:52"},{"date":"2018-08-15T08:39:39","version":"4.40"},{"version":"4.41","date":"2019-03-26T15:58:49"},{"version":"4.42","date":"2019-03-26T16:33:27"},{"version":"4.43","date":"2019-05-01T14:28:45"},{"version":"4.44","date":"2019-06-03T09:00:55"},{"date":"2020-01-13T07:03:55","version":"4.45"},{"version":"4.46","date":"2020-02-03T14:49:22"},{"version":"4.47","date":"2020-05-01T13:01:44"},{"version":"4.48","date":"2020-06-02T08:22:41"},{"date":"2020-06-08T09:46:25","version":"4.49"},{"date":"2020-06-22T07:35:25","version":"4.50"},{"version":"4.51","date":"2020-10-05T06:14:39"},{"date":"2021-05-04T08:02:27","version":"4.52"},{"version":"4.53","date":"2021-06-03T06:45:55"},{"date":"2022-02-03T07:52:34","version":"4.54"},{"date":"2023-01-03T07:45:53","version":"4.55"},{"date":"2023-03-03T08:51:51","version":"4.56"},{"date":"2023-05-02T13:16:01","version":"4.57"},{"version":"4.58","date":"2023-10-02T07:08:45"},{"version":"4.59","date":"2023-10-02T07:14:30"},{"date":"2023-11-01T07:57:12","version":"4.60"},{"version":"4.61","date":"2024-01-08T15:17:04"},{"version":"4.62","date":"2024-03-01T13:46:49"},{"date":"2024-03-06T15:20:30","version":"4.63"},{"version":"4.64","date":"2024-03-18T12:10:48"},{"date":"2024-06-04T15:15:17","version":"4.65"},{"date":"2024-06-19T08:59:52","version":"4.66"}],"main_module":"CGI","advisories":[{"severity":null,"description":"CGI.pm module before 3.63 for Perl does not properly escape newlines in (1) Set-Cookie or (2) P3P headers, which might allow remote attackers to inject arbitrary headers into responses from applications that use CGI.pm.\n","id":"CPANSA-CGI-2012-5526","reported":"2012-11-21","references":["http://www.securityfocus.com/bid/56562","http://www.openwall.com/lists/oss-security/2012/11/15/6","https://github.com/markstos/CGI.pm/pull/23","http://www.securitytracker.com/id?1027780","http://cpansearch.perl.org/src/MARKSTOS/CGI.pm-3.63/Changes","http://secunia.com/advisories/51457","http://www.ubuntu.com/usn/USN-1643-1","http://www.debian.org/security/2012/dsa-2586","http://rhn.redhat.com/errata/RHSA-2013-0685.html","http://secunia.com/advisories/55314","http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html","http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10735","http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705","https://exchange.xforce.ibmcloud.com/vulnerabilities/80098"],"affected_versions":["<3.63"],"fixed_versions":[">=3.63"],"cves":["CVE-2012-5526"],"distribution":"CGI"},{"affected_versions":["<3.56"],"references":["https://rt.cpan.org/Public/Bug/Display.html?id=68380","http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-2766"],"reported":"2011-11-08","id":"CPANSA-CGI-2011-2766","description":"Usage of deprecated FCGI.pm API.\n","fixed_versions":[">=3.56"],"cves":["CVE-2011-2766"],"distribution":"CGI"},{"id":"CPANSA-CGI-2010-02","reported":"2010-11-08","description":"Non-random MIME boundary.\n","affected_versions":["<3.50"],"fixed_versions":[">=3.50"],"distribution":"CGI","cves":[]},{"cves":[],"distribution":"CGI","fixed_versions":[">=3.49"],"affected_versions":["<3.49"],"description":"Newlines in headers.\n","reported":"2010-02-05","id":"CPANSA-CGI-2010-01"},{"fixed_versions":[">=3.50"],"cves":["CVE-2010-4411"],"distribution":"CGI","severity":null,"description":"Unspecified vulnerability in CGI.pm 3.50 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unknown vectors. NOTE: this issue exists because of an incomplete fix for CVE-2010-2761.\n","id":"CPANSA-CGI-2010-4411","reported":"2010-12-06","references":["http://openwall.com/lists/oss-security/2010/12/01/3","http://www.mandriva.com/security/advisories?name=MDVSA-2011:008","http://www.vupen.com/english/advisories/2011/0106","http://www.bugzilla.org/security/3.2.9/","http://secunia.com/advisories/43033","https://bugzilla.mozilla.org/show_bug.cgi?id=591165","http://www.vupen.com/english/advisories/2011/0207","http://www.vupen.com/english/advisories/2011/0271","http://www.vupen.com/english/advisories/2011/0212","http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053665.html","http://secunia.com/advisories/43068","http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html","http://secunia.com/advisories/43165","http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053678.html","http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html"],"affected_versions":["<3.50"]},{"severity":null,"description":"The multipart_init function in (1) CGI.pm before 3.50 and (2) Simple.pm in CGI::Simple 1.112 and earlier uses a hardcoded value of the MIME boundary string in multipart/x-mixed-replace content, which allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via crafted input that contains this value, a different vulnerability than CVE-2010-3172.\n","id":"CPANSA-CGI-2010-2761","reported":"2010-12-06","references":["https://github.com/AndyA/CGI--Simple/commit/e4942b871a26c1317a175a91ebb7262eea59b380","http://cpansearch.perl.org/src/LDS/CGI.pm-3.50/Changes","http://openwall.com/lists/oss-security/2010/12/01/1","http://www.nntp.perl.org/group/perl.perl5.changes/2010/11/msg28043.html","http://perl5.git.perl.org/perl.git/blobdiff/a0b94c2432b1d8c20653453a0f6970cb10f59aec..84601d63a7e34958da47dad1e61e27cb3bd467d1:/cpan/CGI/lib/CGI.pm","http://perl5.git.perl.org/perl.git/commit/84601d63a7e34958da47dad1e61e27cb3bd467d1","http://openwall.com/lists/oss-security/2010/12/01/2","http://openwall.com/lists/oss-security/2010/12/01/3","https://bugzilla.mozilla.org/show_bug.cgi?id=600464","http://osvdb.org/69588","http://osvdb.org/69589","http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00003.html","http://www.mandriva.com/security/advisories?name=MDVSA-2010:237","http://www.vupen.com/english/advisories/2011/0076","http://www.mandriva.com/security/advisories?name=MDVSA-2010:250","http://secunia.com/advisories/42877","https://bugzilla.mozilla.org/show_bug.cgi?id=591165","http://www.vupen.com/english/advisories/2011/0207","http://www.bugzilla.org/security/3.2.9/","http://secunia.com/advisories/43033","http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053591.html","http://secunia.com/advisories/43147","http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053576.html","http://www.vupen.com/english/advisories/2011/0249","http://www.vupen.com/english/advisories/2011/0271","http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053678.html","http://www.vupen.com/english/advisories/2011/0212","http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html","http://secunia.com/advisories/43165","http://secunia.com/advisories/43068","http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053665.html","http://www.redhat.com/support/errata/RHSA-2011-1797.html","http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html","http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10735","http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705"],"affected_versions":["<3.50"],"fixed_versions":[">=3.50"],"distribution":"CGI","cves":["CVE-2010-2761"]}]},"GD":{"main_module":"GD","advisories":[{"cves":["CVE-2019-6977"],"distribution":"GD","fixed_versions":[">=2.72"],"description":"gdImageColorMatch in gd_color_match.c in the GD Graphics Library (aka LibGD) 2.2.5, as used in the imagecolormatch function in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1, has a heap-based buffer overflow. This can be exploited by an attacker who is able to trigger imagecolormatch calls with crafted image data.\n","reported":"2019-01-27","id":"CPANSA-GD-2019-6977","references":["https://nvd.nist.gov/vuln/detail/CVE-2019-6977","https://bugs.php.net/bug.php?id=77270","http://php.net/ChangeLog-7.php","http://php.net/ChangeLog-5.php","http://www.securityfocus.com/bid/106731","https://lists.debian.org/debian-lts-announce/2019/01/msg00028.html","https://www.debian.org/security/2019/dsa-4384","https://usn.ubuntu.com/3900-1/","https://security.netapp.com/advisory/ntap-20190315-0003/","https://security.gentoo.org/glsa/201903-18","http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00025.html","http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00031.html","http://packetstormsecurity.com/files/152459/PHP-7.2-imagecolormatch-Out-Of-Band-Heap-Write.html","https://www.exploit-db.com/exploits/46677/","https://access.redhat.com/errata/RHSA-2019:2519","https://access.redhat.com/errata/RHSA-2019:3299","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TEYUUOW75YD3DENIPYMO263E6NL2NFHI/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WRUPZVT2MWFUEMVGTRAGDOBHLNMGK5R/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TTXSLRZI5BCQT3H5KALG3DHUWUMNPDX2/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3CZ2QADQTKRHTGB2AHD7J4QQNDLBEMM6/"],"affected_versions":["<2.72"],"severity":"high"}],"versions":[{"date":"1996-05-17T08:12:00","version":"1.00"},{"date":"1996-07-17T10:16:00","version":"1.01"},{"version":"1.10","date":"1996-09-07T16:53:00"},{"version":"1.11","date":"1996-09-09T10:37:00"},{"date":"1996-09-10T12:04:00","version":"1.12"},{"version":"1.13","date":"1996-09-11T07:27:00"},{"version":"1.14","date":"1996-09-12T16:11:00"},{"date":"1997-11-19T21:13:00","version":"1.15"},{"version":"1.16","date":"1997-12-19T14:26:00"},{"date":"1998-01-16T13:34:00","version":"1.17"},{"date":"1998-01-26T08:44:00","version":"1.18"},{"version":"1.18","date":"1998-03-08T16:43:26"},{"date":"1999-01-31T17:52:34","version":"1.18"},{"date":"1999-04-26T20:35:55","version":"1.19"},{"version":"1.19","date":"1999-06-02T13:44:43"},{"date":"1999-08-31T03:38:46","version":"1.20"},{"date":"1999-08-31T14:55:24","version":"1.21"},{"version":"1.22","date":"1999-09-30T21:46:47"},{"version":"1.23","date":"1999-11-11T14:26:14"},{"date":"2000-02-15T19:54:37","version":"1.24"},{"date":"2000-02-22T15:20:41","version":"1.25"},{"version":"1.26","date":"2000-03-18T23:21:50"},{"version":"1.27","date":"2000-03-22T19:41:56"},{"date":"2000-06-23T12:15:51","version":"1.28"},{"date":"2000-06-23T18:26:31","version":"1.29"},{"version":"1.30","date":"2000-07-07T02:42:47"},{"version":"1.32","date":"2000-11-10T16:00:09"},{"date":"2001-04-05T04:42:53","version":"1.33"},{"version":"1.31","date":"2001-09-26T05:19:41"},{"version":"1.35","date":"2001-12-06T22:57:11"},{"version":"1.36","date":"2001-12-17T19:13:23"},{"version":"1.37","date":"2001-12-19T21:34:33"},{"version":"1.38","date":"2002-01-04T15:33:18"},{"date":"2002-06-12T02:09:05","version":"1.39"},{"version":"1.40","date":"2002-06-19T12:11:07"},{"date":"2002-07-22T07:33:14","version":"1.41"},{"version":"2.00","date":"2002-08-09T16:31:00"},{"date":"2002-08-09T16:39:49","version":"2.01"},{"date":"2002-10-14T13:07:59","version":"2.02"},{"date":"2002-11-01T15:46:28","version":"2.04"},{"date":"2002-11-05T00:55:52","version":"2.041"},{"date":"2002-11-25T01:35:10","version":"2.05"},{"version":"2.06","date":"2003-01-08T16:49:15"},{"version":"2.07","date":"2003-04-24T05:06:33"},{"version":"2.10","date":"2003-10-06T23:04:15"},{"version":"2.11","date":"2003-10-07T22:33:21"},{"version":"2.12","date":"2004-02-06T14:33:56"},{"date":"2004-07-22T20:32:01","version":"2.15"},{"date":"2004-07-27T00:47:05","version":"2.16"},{"date":"2004-11-10T19:15:39","version":"2.17"},{"version":"2.18","date":"2004-11-12T15:19:40"},{"version":"2.19","date":"2004-11-16T13:36:22"},{"version":"2.21","date":"2005-02-09T18:50:44"},{"date":"2005-03-07T18:09:39","version":"2.22"},{"version":"2.23","date":"2005-03-09T21:04:40"},{"date":"2005-07-15T18:47:39","version":"2.25"},{"date":"2005-08-04T13:34:01","version":"2.26"},{"date":"2005-08-06T14:52:27","version":"2.27"},{"date":"2005-08-08T17:28:37","version":"2.28"},{"version":"2.29","date":"2005-10-19T05:44:52"},{"date":"2005-10-19T07:51:48","version":"2.30"},{"date":"2006-02-20T19:48:20","version":"2.31"},{"version":"2.32","date":"2006-03-08T20:19:06"},{"version":"2.34","date":"2006-06-01T20:02:57"},{"date":"2006-08-23T15:31:17","version":"2.35"},{"version":"2.39","date":"2008-04-21T14:15:26"},{"version":"2.40","date":"2008-08-07T18:48:46"},{"version":"2.41","date":"2008-08-07T19:17:19"},{"date":"2009-06-10T14:44:33","version":"2.43"},{"version":"2.44","date":"2009-07-10T18:12:58"},{"version":"2.45","date":"2010-04-30T18:52:21"},{"version":"2.46","date":"2011-05-01T17:47:22"},{"version":"2.48","date":"2013-02-26T10:54:32"},{"version":"2.49","date":"2013-02-26T11:04:16"},{"date":"2013-07-02T20:48:59","version":"2.50"},{"version":"2.51","date":"2014-02-04T16:53:54"},{"version":"2.52","date":"2014-02-19T04:29:23"},{"version":"2.53","date":"2014-04-01T14:26:31"},{"version":"2.55","date":"2014-10-27T02:29:14"},{"version":"2.56","date":"2014-10-28T01:35:39"},{"date":"2017-04-19T14:45:56","version":"2.56_01"},{"version":"2.56_02","date":"2017-04-19T14:56:35"},{"date":"2017-04-19T15:19:33","version":"2.56_03"},{"date":"2017-04-21T06:22:54","version":"2.57"},{"version":"2.58","date":"2017-04-21T08:38:24"},{"version":"2.59","date":"2017-04-21T10:35:21"},{"version":"2.60","date":"2017-04-21T22:11:18"},{"version":"2.61","date":"2017-04-22T15:52:15"},{"version":"2.62","date":"2017-04-22T22:27:02"},{"date":"2017-04-23T08:23:06","version":"2.63"},{"version":"2.64","date":"2017-04-23T09:03:18"},{"version":"2.65","date":"2017-04-23T10:36:23"},{"date":"2017-04-23T13:08:08","version":"2.66"},{"date":"2017-11-15T08:33:16","version":"2.67"},{"date":"2018-02-18T19:56:41","version":"2.68"},{"version":"2.69","date":"2018-08-26T15:40:02"},{"version":"2.70","date":"2019-01-10T12:57:08"},{"date":"2019-02-12T11:53:42","version":"2.71"},{"date":"2020-07-18T06:02:50","version":"2.72"},{"version":"2.73","date":"2020-09-24T13:01:57"},{"version":"2.74","date":"2022-01-23T15:34:48"},{"date":"2022-01-25T16:54:22","version":"2.75"},{"date":"2022-02-01T14:50:45","version":"2.76"},{"date":"2023-05-29T07:10:47","version":"2.77"},{"version":"2.78","date":"2023-07-04T09:13:52"},{"date":"2024-04-29T19:57:07","version":"2.79"},{"version":"2.80","date":"2024-05-03T11:16:48"},{"version":"2.81","date":"2024-05-03T17:02:57"},{"date":"2024-05-27T10:31:38","version":"2.82"},{"version":"2.83","date":"2024-06-23T15:46:01"}]},"Parallel-ForkManager":{"versions":[{"date":"2000-10-19T21:52:22","version":"0.5"},{"version":"0.6","date":"2000-11-30T11:03:55"},{"date":"2001-04-04T11:28:22","version":"0.7"},{"version":"v0.7.2","date":"2001-05-14T14:34:23"},{"date":"2001-10-24T00:32:21","version":"v0.7.3"},{"version":"v0.7.4","date":"2002-07-04T21:16:46"},{"version":"v0.7.5","date":"2002-12-25T23:14:12"},{"date":"2010-08-15T10:53:20","version":"0.7.6"},{"version":"0.7.7","date":"2010-09-27T22:27:36"},{"version":"0.7.8","date":"2010-10-25T16:44:43"},{"version":"0.7.9","date":"2010-11-01T18:06:12"},{"date":"2012-12-23T10:29:10","version":"v1.0.0"},{"version":"1.01","date":"2012-12-23T19:35:57"},{"version":"1.02","date":"2012-12-24T11:30:23"},{"date":"2013-03-06T09:31:14","version":"1.03"},{"date":"2013-09-03T06:57:39","version":"1.04"},{"date":"2013-09-18T08:58:10","version":"1.05"},{"date":"2013-12-24T20:42:36","version":"1.06"},{"date":"2014-11-10T07:11:25","version":"1.07"},{"version":"1.08","date":"2015-01-07T15:27:26"},{"date":"2015-01-08T14:47:12","version":"1.09"},{"version":"1.10","date":"2015-01-15T15:22:56"},{"date":"2015-01-22T19:09:25","version":"1.10_1"},{"date":"2015-01-26T19:32:34","version":"1.10_2"},{"date":"2015-01-30T16:16:43","version":"1.11"},{"version":"1.12","date":"2015-02-23T23:22:38"},{"date":"2015-05-11T22:32:07","version":"1.13"},{"date":"2015-05-17T21:19:58","version":"1.14"},{"version":"1.15","date":"2015-07-08T21:41:39"},{"version":"1.16","date":"2015-10-08T22:51:51"},{"date":"2015-11-28T14:50:06","version":"1.17"},{"date":"2016-03-29T23:27:09","version":"1.18"},{"version":"1.19","date":"2016-06-28T23:04:26"},{"date":"2018-07-19T00:48:24","version":"1.20"},{"version":"2.00","date":"2018-08-23T01:28:34"},{"date":"2018-08-23T23:59:37","version":"2.01"},{"version":"2.02","date":"2018-10-08T23:21:03"},{"date":"2024-08-24T18:13:26","version":"2.03"}],"main_module":"Parallel::ForkManager","advisories":[{"description":"Parallel::ForkManager module before 1.0.0 for Perl does not properly handle temporary files.\n","reported":"2020-01-31","id":"CPANSA-Parallel-ForkManager-2011-4115","references":["http://www.openwall.com/lists/oss-security/2011/11/04/2","http://www.openwall.com/lists/oss-security/2011/11/04/4","https://rt.cpan.org/Public/Bug/Display.html?id=68298"],"affected_versions":["<1.0.0"],"severity":"high","cves":["CVE-2011-4115"],"distribution":"Parallel-ForkManager","fixed_versions":[]}]},"MARC-File-XML":{"versions":[{"date":"2017-05-24T01:18:18","version":"v1.0.5"}],"advisories":[{"fixed_versions":[],"distribution":"MARC-File-XML","cves":["CVE-2014-1626"],"severity":null,"description":"XML External Entity (XXE) vulnerability in MARC::File::XML module before 1.0.2 for Perl, as used in Evergreen, Koha, perl4lib, and possibly other products, allows context-dependent attackers to read arbitrary files via a crafted XML file.\n","reported":"2014-01-26","id":"CPANSA-MARC-File-XML-2014-1626","references":["http://www.securityfocus.com/bid/65057","http://www.nntp.perl.org/group/perl.perl4lib/2014/01/msg3073.html","http://secunia.com/advisories/55404","http://libmail.georgialibraries.org/pipermail/open-ils-general/2014-January/009442.html","https://metacpan.org/source/GMCHARLT/MARC-XML-1.0.2/Changes","http://lists.katipo.co.nz/pipermail/koha/2014-January/038430.html","http://osvdb.org/102367","https://exchange.xforce.ibmcloud.com/vulnerabilities/90620"],"affected_versions":["<1.0.2"]}],"main_module":"MARC::File::XML"},"GPIB":{"versions":[{"version":"0_30","date":"2002-01-02T03:13:38"}],"main_module":"GPIB","advisories":[{"severity":null,"references":["http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=359239","http://www.securityfocus.com/bid/17288","https://exchange.xforce.ibmcloud.com/vulnerabilities/25681"],"affected_versions":[">0"],"description":"Untrusted search path vulnerability in libgpib-perl 3.2.06-2 in Debian GNU/Linux includes an RPATH value under the /tmp/buildd directory for the LinuxGpib.so module, which might allow local users to gain privileges by installing malicious libraries in that directory.\n","reported":"2006-03-31","id":"CPANSA-GPIB-2006-1565","fixed_versions":[],"distribution":"GPIB","cves":["CVE-2006-1565"]}]},"Kelp":{"versions":[{"version":"0.1","date":"2013-04-12T17:16:52"},{"date":"2013-04-12T17:39:48","version":"0.11"},{"date":"2013-04-14T01:05:22","version":"0.2"},{"version":"0.21","date":"2013-04-16T21:52:38"},{"date":"2013-04-17T04:59:31","version":"0.215"},{"version":"0.216","date":"2013-04-17T13:16:42"},{"version":"0.217","date":"2013-04-17T19:13:12"},{"date":"2013-04-20T01:47:43","version":"0.218"},{"date":"2013-04-20T20:27:42","version":"0.2181"},{"date":"2013-05-02T16:45:58","version":"0.2182"},{"date":"2013-05-06T03:44:19","version":"0.219"},{"date":"2013-05-14T20:01:26","version":"0.2191"},{"date":"2013-05-25T21:37:51","version":"0.3001"},{"version":"0.3101","date":"2013-06-14T05:59:18"},{"date":"2013-06-16T15:38:29","version":"0.3102"},{"date":"2013-07-03T02:34:18","version":"0.4001"},{"date":"2013-07-05T17:36:59","version":"0.4011"},{"date":"2013-07-05T22:46:46","version":"0.4012"},{"version":"0.4501","date":"2013-08-15T03:19:01"},{"version":"0.455","date":"2013-11-11T18:10:07"},{"version":"0.456","date":"2013-11-20T05:15:34"},{"date":"2014-03-02T17:34:04","version":"0.457"},{"version":"0.4601","date":"2014-03-27T16:29:16"},{"date":"2014-03-31T22:46:22","version":"0.4602"},{"version":"0.9001","date":"2014-05-31T00:52:57"},{"version":"0.9012","date":"2014-07-13T00:41:29"},{"version":"0.9015","date":"2014-08-08T17:57:48"},{"date":"2014-12-15T07:02:58","version":"0.9021"},{"version":"0.9051","date":"2015-04-03T00:32:47"},{"version":"0.9071","date":"2015-08-11T06:50:14"},{"version":"0.9081","date":"2016-11-09T00:00:02"},{"version":"1.01","date":"2017-12-28T21:08:47"},{"date":"2018-01-08T16:43:42","version":"1.02"},{"date":"2021-01-12T14:26:40","version":"1.03"},{"version":"1.03_1","date":"2021-01-14T15:00:50"},{"version":"1.03_2","date":"2021-01-16T16:53:41"},{"version":"1.04","date":"2021-01-18T21:15:56"},{"version":"1.04_01","date":"2021-01-21T12:12:36"},{"version":"1.05","date":"2021-01-21T17:15:38"},{"version":"1.06","date":"2022-05-09T21:07:41"},{"version":"1.07","date":"2024-06-02T18:49:17"},{"version":"1.10_01","date":"2024-06-05T19:57:13"},{"date":"2024-06-08T19:49:17","version":"2.00_01"},{"date":"2024-06-09T13:06:47","version":"2.00_02"},{"version":"2.00_03","date":"2024-06-09T15:41:33"},{"date":"2024-06-09T20:00:29","version":"2.00_04"},{"date":"2024-06-10T07:25:19","version":"2.00_05"},{"date":"2024-06-10T15:39:47","version":"2.00"},{"version":"2.01_01","date":"2024-06-15T11:55:22"},{"date":"2024-06-18T16:33:19","version":"2.01_02"},{"version":"2.01_03","date":"2024-06-19T19:26:30"},{"version":"2.01_04","date":"2024-06-20T06:26:12"},{"date":"2024-06-20T20:43:31","version":"2.01_05"},{"date":"2024-06-23T19:25:33","version":"2.10_01"},{"version":"2.10","date":"2024-06-24T05:14:31"},{"date":"2024-06-25T04:15:52","version":"2.11"},{"date":"2024-06-26T06:15:21","version":"2.12"},{"version":"2.13","date":"2024-07-01T06:06:23"},{"date":"2024-07-02T05:28:06","version":"2.14"},{"date":"2024-07-03T19:52:27","version":"2.15"},{"version":"2.16","date":"2024-07-05T19:03:36"},{"date":"2024-07-06T04:18:40","version":"2.17"},{"version":"2.18","date":"2024-10-08T04:22:01"},{"version":"2.19","date":"2024-10-10T20:15:05"}],"advisories":[{"fixed_versions":[">=0.9001"],"cves":[],"distribution":"Kelp","reviewed_by":[{"email":"rrwo@cpan.org","name":"Robert Rothenberg","date":"2022-06-28"}],"references":["https://metacpan.org/dist/Kelp/changes","https://github.com/sgnix/kelp/commit/9f8f5a5215bdc1685a671c1157132a65727aadff"],"affected_versions":["<0.9001"],"description":"X-Real-IP, X-Forwarded-Host and X-Remote-User headers were trusted and used in Kelp::Request\n","id":"CPANSA-Kelp-2014-01","reported":"2014-05-30"}],"main_module":"Kelp"},"HTML-Perlinfo":{"versions":[{"version":"1.00","date":"2005-08-18T21:39:08"},{"version":"1.05","date":"2005-09-19T20:41:07"},{"version":"1.25","date":"2006-01-14T05:25:20"},{"date":"2006-08-13T03:42:36","version":"1.40"},{"date":"2006-08-13T09:29:45","version":"1.41"},{"date":"2006-08-15T01:04:34","version":"1.42"},{"version":"1.43","date":"2006-08-25T07:51:28"},{"date":"2006-09-10T23:20:13","version":"1.44"},{"date":"2006-09-24T02:22:48","version":"1.45"},{"version":"1.46","date":"2006-09-27T20:08:12"},{"version":"1.47","date":"2006-10-02T19:30:30"},{"date":"2008-03-16T03:15:04","version":"1.48"},{"date":"2008-04-26T04:17:07","version":"1.49"},{"date":"2008-04-30T20:44:40","version":"1.50"},{"date":"2008-06-08T21:07:29","version":"1.51"},{"date":"2008-07-03T23:57:26","version":"1.52"},{"date":"2008-07-21T22:24:22","version":"1.53"},{"version":"1.54","date":"2008-07-27T23:52:36"},{"version":"1.55","date":"2009-04-08T01:09:54"},{"date":"2009-04-08T19:06:59","version":"1.56"},{"version":"1.57","date":"2009-04-16T15:57:34"},{"version":"1.58","date":"2009-04-17T02:41:48"},{"date":"2009-04-22T03:29:45","version":"1.59"},{"version":"1.60","date":"2009-05-02T20:48:38"},{"version":"1.60","date":"2009-05-02T22:21:42"},{"version":"1.61","date":"2009-05-03T23:02:35"},{"date":"2011-06-13T19:28:39","version":"1.62"},{"date":"2014-08-19T21:37:30","version":"1.63"},{"date":"2014-08-19T22:29:15","version":"1.64"},{"version":"1.65","date":"2015-06-06T23:25:41"},{"version":"1.66","date":"2015-06-08T18:20:03"},{"version":"1.67","date":"2015-06-08T20:22:33"},{"version":"1.68","date":"2015-06-12T02:03:18"},{"version":"1.69","date":"2016-11-29T19:21:00"},{"version":"1.70","date":"2019-06-24T15:33:44"},{"date":"2019-06-25T02:15:30","version":"1.71"},{"version":"1.72","date":"2019-07-02T19:22:14"},{"date":"2019-07-02T20:41:23","version":"1.73"}],"main_module":"HTML::Perlinfo","advisories":[{"fixed_versions":[">=1.52"],"distribution":"HTML-Perlinfo","cves":[],"affected_versions":["<1.52"],"references":["https://metacpan.org/changes/release/ACCARDO/HTML-Perlinfo-1.52"],"id":"CPANSA-HTML-Perlinfo-2008-01","reported":"2008-07-04","description":"Possibility of denial-of-service attack.\n"}]},"Crypt-OpenSSL-DSA":{"advisories":[{"description":"Missing error check in do_verify, which might allow remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature.\n","reported":"2009-01-15","id":"CPANSA-Crypt-OpenSSL-DSA-2009-01","references":["https://metacpan.org/changes/distribution/Crypt-OpenSSL-DSA","https://www.openwall.com/lists/oss-security/2009/01/12/4","https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=511519"],"affected_versions":["<0.14"],"fixed_versions":[">=0.14"],"cves":["CVE-2009-0129"],"distribution":"Crypt-OpenSSL-DSA"}],"main_module":"Crypt::OpenSSL::DSA","versions":[{"date":"2001-09-19T04:45:14","version":"0.01"},{"version":"0.02","date":"2001-09-24T17:32:49"},{"date":"2002-02-07T05:57:36","version":"0.03"},{"version":"0.04","date":"2002-09-24T04:52:06"},{"date":"2002-09-26T00:21:17","version":"0.10"},{"version":"0.11","date":"2003-01-06T19:08:08"},{"version":"0.12","date":"2005-05-23T01:44:36"},{"date":"2005-10-15T21:37:10","version":"0.13"},{"version":"0.14","date":"2012-10-16T22:55:16"},{"date":"2015-02-03T21:57:37","version":"0.15"},{"version":"0.16","date":"2016-10-27T11:25:18"},{"date":"2016-10-27T18:54:42","version":"0.17"},{"date":"2016-11-17T10:33:35","version":"0.18"},{"date":"2017-01-13T08:24:56","version":"0.19"},{"date":"2021-03-20T12:31:50","version":"0.20"}]},"Mojolicious":{"advisories":[{"severity":null,"reported":"2022-12-10","id":"CPANSA-Mojolicious-2022-03","description":"Mojo::DOM did not correctly parse