IDCVSSSummaryLast (major) updatePublished
CVE-2011-0633 4.3
The Net::HTTPS module in libwww-perl (LWP) before 6.00, as used in WWW::Mechanize, LWP::UserAgent, and other products, when running in environments that do not set the If-SSL-Cert-Subject header, does not enable full validation of SSL certificates by
25-05-2011 - 00:00 13-05-2011 - 18:55
CVE-2010-2253 6.8
lwp-download in libwww-perl before 5.835 does not reject downloads to filenames that begin with a . (dot) character, which allows remote servers to create or overwrite files via (1) a 3xx redirect to a URL with a crafted filename or (2) a Content-Dis
06-11-2010 - 01:37 06-07-2010 - 13:17
Back to Top Mark selected
Back to Top