Vulnerabilities > Gisle AAS
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2012-01-13 | CVE-2011-3597 | Improper Input Validation vulnerability in Gisle AAS Digest Eval injection vulnerability in the Digest module before 1.17 for Perl allows context-dependent attackers to execute arbitrary commands via the new constructor. | 7.5 |
2011-05-13 | CVE-2011-0633 | Improper Input Validation vulnerability in multiple products The Net::HTTPS module in libwww-perl (LWP) before 6.00, as used in WWW::Mechanize, LWP::UserAgent, and other products, when running in environments that do not set the If-SSL-Cert-Subject header, does not enable full validation of SSL certificates by default, which allows remote attackers to spoof servers via man-in-the-middle (MITM) attacks involving hostnames that are not properly validated. | 4.3 |
2010-07-06 | CVE-2010-2253 | Improper Input Validation vulnerability in multiple products lwp-download in libwww-perl before 5.835 does not reject downloads to filenames that begin with a . | 6.8 |
2002-07-26 | CVE-2002-0703 | Unspecified vulnerability in Gisle AAS Digest-Md5 An interaction between the Perl MD5 module (perl-Digest-MD5) and Perl could produce incorrect MD5 checksums for UTF-8 data, which could prevent a system from properly verifying the integrity of the data. | 7.5 |