Search criteria
6 vulnerabilities found for \ by data\
FKIE_CVE-2021-29662
Vulnerability from fkie_nvd - Published: 2021-03-31 18:15 - Updated: 2024-11-21 06:01
Severity ?
Summary
The Data::Validate::IP module through 0.29 for Perl does not properly consider extraneous zero characters at the beginning of an IP address string, which (in some situations) allows attackers to bypass access control that is based on IP addresses.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| data\ | \ | validate\ | |
| netapp | snapcenter | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:data\\:\\:validate\\:\\:ip_project:data\\:\\:validate\\:\\:ip:*:*:*:*:*:perl:*:*",
"matchCriteriaId": "612FC238-2C82-44A8-83E5-8F263697F9F6",
"versionEndIncluding": "0.29",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BDFB1169-41A0-4A86-8E4F-FDA9730B1E94",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Data::Validate::IP module through 0.29 for Perl does not properly consider extraneous zero characters at the beginning of an IP address string, which (in some situations) allows attackers to bypass access control that is based on IP addresses."
},
{
"lang": "es",
"value": "El m\u00f3dulo Data::Validate::IP versiones hasta 0.29 para Perl, no considera apropiadamente los caracteres cero extra\u00f1os al comienzo de una cadena de direcci\u00f3n IP, lo que (en algunas situaciones) permite a los atacantes omitir el control de acceso que se basa en direcciones IP."
}
],
"id": "CVE-2021-29662",
"lastModified": "2024-11-21T06:01:36.290",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-03-31T18:15:16.037",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://blog.urth.org/2021/03/29/security-issues-in-perl-ip-address-distros/"
},
{
"source": "cve@mitre.org",
"tags": [
"Product",
"Third Party Advisory"
],
"url": "https://github.com/houseabsolute/Data-Validate-IP"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/houseabsolute/Data-Validate-IP/commit/3bba13c819d616514a75e089badd75002fd4f14e"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/sickcodes/security/blob/master/advisories/SICK-2021-018.md"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20210604-0002/"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://sick.codes/sick-2021-018/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://blog.urth.org/2021/03/29/security-issues-in-perl-ip-address-distros/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product",
"Third Party Advisory"
],
"url": "https://github.com/houseabsolute/Data-Validate-IP"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/houseabsolute/Data-Validate-IP/commit/3bba13c819d616514a75e089badd75002fd4f14e"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/sickcodes/security/blob/master/advisories/SICK-2021-018.md"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20210604-0002/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://sick.codes/sick-2021-018/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-704"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2013-4184
Vulnerability from fkie_nvd - Published: 2019-12-10 15:15 - Updated: 2024-11-21 01:55
Severity ?
Summary
Perl module Data::UUID from CPAN version 1.219 vulnerable to symlink attacks
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| data\ | \ | uuid_project | |
| debian | debian_linux | 8.0 | |
| debian | debian_linux | 9.0 | |
| debian | debian_linux | 10.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:data\\:\\:uuid_project:data\\:\\:uuid:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ED03FC45-1ABC-462A-B98E-703EC980049B",
"versionEndExcluding": "1.224",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Perl module Data::UUID from CPAN version 1.219 vulnerable to symlink attacks"
},
{
"lang": "es",
"value": "El m\u00f3dulo Data::UUID de Perl de CPAN versi\u00f3n 1.219, es vulnerable a ataques de tipo symlink."
}
],
"id": "CVE-2013-4184",
"lastModified": "2024-11-21T01:55:05.017",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.6,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-12-10T15:15:11.573",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2013/07/31/4"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/61534"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/cve/cve-2013-4184"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://bugs.gentoo.org/show_bug.cgi?id=CVE-2013-4184"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2013-4184"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86103"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3F2KOK2SM2LFI4BNFOVV2G2XVJQBIMZL/"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DTKH3TWUOXBAAZST7364UVZ4UPH4CEO7/"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MATNG5VP46SXJB2JHAI2LXPUXCYUOYPE/"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2013-4184"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2013/07/31/4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/61534"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/cve/cve-2013-4184"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://bugs.gentoo.org/show_bug.cgi?id=CVE-2013-4184"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2013-4184"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86103"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3F2KOK2SM2LFI4BNFOVV2G2XVJQBIMZL/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DTKH3TWUOXBAAZST7364UVZ4UPH4CEO7/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MATNG5VP46SXJB2JHAI2LXPUXCYUOYPE/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3F2KOK2SM2LFI4BNFOVV2G2XVJQBIMZL/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DTKH3TWUOXBAAZST7364UVZ4UPH4CEO7/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MATNG5VP46SXJB2JHAI2LXPUXCYUOYPE/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2013-4184"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-59"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2021-29662 (GCVE-0-2021-29662)
Vulnerability from cvelistv5 – Published: 2021-03-31 17:28 – Updated: 2024-08-03 22:11
VLAI?
Summary
The Data::Validate::IP module through 0.29 for Perl does not properly consider extraneous zero characters at the beginning of an IP address string, which (in some situations) allows attackers to bypass access control that is based on IP addresses.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T22:11:06.363Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blog.urth.org/2021/03/29/security-issues-in-perl-ip-address-distros/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/houseabsolute/Data-Validate-IP/commit/3bba13c819d616514a75e089badd75002fd4f14e"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://sick.codes/sick-2021-018/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/houseabsolute/Data-Validate-IP"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/sickcodes/security/blob/master/advisories/SICK-2021-018.md"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20210604-0002/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The Data::Validate::IP module through 0.29 for Perl does not properly consider extraneous zero characters at the beginning of an IP address string, which (in some situations) allows attackers to bypass access control that is based on IP addresses."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-04T09:06:16",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://blog.urth.org/2021/03/29/security-issues-in-perl-ip-address-distros/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/houseabsolute/Data-Validate-IP/commit/3bba13c819d616514a75e089badd75002fd4f14e"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://sick.codes/sick-2021-018/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/houseabsolute/Data-Validate-IP"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/sickcodes/security/blob/master/advisories/SICK-2021-018.md"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20210604-0002/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-29662",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Data::Validate::IP module through 0.29 for Perl does not properly consider extraneous zero characters at the beginning of an IP address string, which (in some situations) allows attackers to bypass access control that is based on IP addresses."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://blog.urth.org/2021/03/29/security-issues-in-perl-ip-address-distros/",
"refsource": "MISC",
"url": "https://blog.urth.org/2021/03/29/security-issues-in-perl-ip-address-distros/"
},
{
"name": "https://github.com/houseabsolute/Data-Validate-IP/commit/3bba13c819d616514a75e089badd75002fd4f14e",
"refsource": "MISC",
"url": "https://github.com/houseabsolute/Data-Validate-IP/commit/3bba13c819d616514a75e089badd75002fd4f14e"
},
{
"name": "https://sick.codes/sick-2021-018/",
"refsource": "MISC",
"url": "https://sick.codes/sick-2021-018/"
},
{
"name": "https://github.com/houseabsolute/Data-Validate-IP",
"refsource": "MISC",
"url": "https://github.com/houseabsolute/Data-Validate-IP"
},
{
"name": "https://github.com/sickcodes/security/blob/master/advisories/SICK-2021-018.md",
"refsource": "MISC",
"url": "https://github.com/sickcodes/security/blob/master/advisories/SICK-2021-018.md"
},
{
"name": "https://security.netapp.com/advisory/ntap-20210604-0002/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20210604-0002/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-29662",
"datePublished": "2021-03-31T17:28:16",
"dateReserved": "2021-03-31T00:00:00",
"dateUpdated": "2024-08-03T22:11:06.363Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-4184 (GCVE-0-2013-4184)
Vulnerability from cvelistv5 – Published: 2019-12-10 00:00 – Updated: 2024-08-06 16:38
VLAI?
Summary
Perl module Data::UUID from CPAN version 1.219 vulnerable to symlink attacks
Severity ?
No CVSS data available.
CWE
- attacks
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| libdata-uuid-perl | libdata-uuid-perl |
Affected:
1.219
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:38:01.486Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3F2KOK2SM2LFI4BNFOVV2G2XVJQBIMZL/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DTKH3TWUOXBAAZST7364UVZ4UPH4CEO7/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MATNG5VP46SXJB2JHAI2LXPUXCYUOYPE/"
},
{
"tags": [
"x_transferred"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2013-4184"
},
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2013-4184"
},
{
"tags": [
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/cve-2013-4184"
},
{
"tags": [
"x_transferred"
],
"url": "https://bugs.gentoo.org/show_bug.cgi?id=CVE-2013-4184"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2013/07/31/4"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/61534"
},
{
"tags": [
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86103"
},
{
"name": "FEDORA-2024-3da8ed5be3",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3F2KOK2SM2LFI4BNFOVV2G2XVJQBIMZL/"
},
{
"name": "FEDORA-2024-a58a7e2388",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DTKH3TWUOXBAAZST7364UVZ4UPH4CEO7/"
},
{
"name": "FEDORA-2024-08bb549a36",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MATNG5VP46SXJB2JHAI2LXPUXCYUOYPE/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "libdata-uuid-perl",
"vendor": "libdata-uuid-perl",
"versions": [
{
"status": "affected",
"version": "1.219"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Perl module Data::UUID from CPAN version 1.219 vulnerable to symlink attacks"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "attacks",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-28T03:05:59.982402",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"url": "https://security-tracker.debian.org/tracker/CVE-2013-4184"
},
{
"url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2013-4184"
},
{
"url": "https://access.redhat.com/security/cve/cve-2013-4184"
},
{
"url": "https://bugs.gentoo.org/show_bug.cgi?id=CVE-2013-4184"
},
{
"url": "http://www.openwall.com/lists/oss-security/2013/07/31/4"
},
{
"url": "http://www.securityfocus.com/bid/61534"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86103"
},
{
"name": "FEDORA-2024-3da8ed5be3",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3F2KOK2SM2LFI4BNFOVV2G2XVJQBIMZL/"
},
{
"name": "FEDORA-2024-a58a7e2388",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DTKH3TWUOXBAAZST7364UVZ4UPH4CEO7/"
},
{
"name": "FEDORA-2024-08bb549a36",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MATNG5VP46SXJB2JHAI2LXPUXCYUOYPE/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-4184",
"datePublished": "2019-12-10T00:00:00",
"dateReserved": "2013-06-12T00:00:00",
"dateUpdated": "2024-08-06T16:38:01.486Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-29662 (GCVE-0-2021-29662)
Vulnerability from nvd – Published: 2021-03-31 17:28 – Updated: 2024-08-03 22:11
VLAI?
Summary
The Data::Validate::IP module through 0.29 for Perl does not properly consider extraneous zero characters at the beginning of an IP address string, which (in some situations) allows attackers to bypass access control that is based on IP addresses.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T22:11:06.363Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blog.urth.org/2021/03/29/security-issues-in-perl-ip-address-distros/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/houseabsolute/Data-Validate-IP/commit/3bba13c819d616514a75e089badd75002fd4f14e"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://sick.codes/sick-2021-018/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/houseabsolute/Data-Validate-IP"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/sickcodes/security/blob/master/advisories/SICK-2021-018.md"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20210604-0002/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The Data::Validate::IP module through 0.29 for Perl does not properly consider extraneous zero characters at the beginning of an IP address string, which (in some situations) allows attackers to bypass access control that is based on IP addresses."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-04T09:06:16",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://blog.urth.org/2021/03/29/security-issues-in-perl-ip-address-distros/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/houseabsolute/Data-Validate-IP/commit/3bba13c819d616514a75e089badd75002fd4f14e"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://sick.codes/sick-2021-018/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/houseabsolute/Data-Validate-IP"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/sickcodes/security/blob/master/advisories/SICK-2021-018.md"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20210604-0002/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-29662",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Data::Validate::IP module through 0.29 for Perl does not properly consider extraneous zero characters at the beginning of an IP address string, which (in some situations) allows attackers to bypass access control that is based on IP addresses."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://blog.urth.org/2021/03/29/security-issues-in-perl-ip-address-distros/",
"refsource": "MISC",
"url": "https://blog.urth.org/2021/03/29/security-issues-in-perl-ip-address-distros/"
},
{
"name": "https://github.com/houseabsolute/Data-Validate-IP/commit/3bba13c819d616514a75e089badd75002fd4f14e",
"refsource": "MISC",
"url": "https://github.com/houseabsolute/Data-Validate-IP/commit/3bba13c819d616514a75e089badd75002fd4f14e"
},
{
"name": "https://sick.codes/sick-2021-018/",
"refsource": "MISC",
"url": "https://sick.codes/sick-2021-018/"
},
{
"name": "https://github.com/houseabsolute/Data-Validate-IP",
"refsource": "MISC",
"url": "https://github.com/houseabsolute/Data-Validate-IP"
},
{
"name": "https://github.com/sickcodes/security/blob/master/advisories/SICK-2021-018.md",
"refsource": "MISC",
"url": "https://github.com/sickcodes/security/blob/master/advisories/SICK-2021-018.md"
},
{
"name": "https://security.netapp.com/advisory/ntap-20210604-0002/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20210604-0002/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-29662",
"datePublished": "2021-03-31T17:28:16",
"dateReserved": "2021-03-31T00:00:00",
"dateUpdated": "2024-08-03T22:11:06.363Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-4184 (GCVE-0-2013-4184)
Vulnerability from nvd – Published: 2019-12-10 00:00 – Updated: 2024-08-06 16:38
VLAI?
Summary
Perl module Data::UUID from CPAN version 1.219 vulnerable to symlink attacks
Severity ?
No CVSS data available.
CWE
- attacks
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| libdata-uuid-perl | libdata-uuid-perl |
Affected:
1.219
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:38:01.486Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3F2KOK2SM2LFI4BNFOVV2G2XVJQBIMZL/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DTKH3TWUOXBAAZST7364UVZ4UPH4CEO7/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MATNG5VP46SXJB2JHAI2LXPUXCYUOYPE/"
},
{
"tags": [
"x_transferred"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2013-4184"
},
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2013-4184"
},
{
"tags": [
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/cve-2013-4184"
},
{
"tags": [
"x_transferred"
],
"url": "https://bugs.gentoo.org/show_bug.cgi?id=CVE-2013-4184"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2013/07/31/4"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/61534"
},
{
"tags": [
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86103"
},
{
"name": "FEDORA-2024-3da8ed5be3",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3F2KOK2SM2LFI4BNFOVV2G2XVJQBIMZL/"
},
{
"name": "FEDORA-2024-a58a7e2388",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DTKH3TWUOXBAAZST7364UVZ4UPH4CEO7/"
},
{
"name": "FEDORA-2024-08bb549a36",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MATNG5VP46SXJB2JHAI2LXPUXCYUOYPE/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "libdata-uuid-perl",
"vendor": "libdata-uuid-perl",
"versions": [
{
"status": "affected",
"version": "1.219"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Perl module Data::UUID from CPAN version 1.219 vulnerable to symlink attacks"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "attacks",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-28T03:05:59.982402",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"url": "https://security-tracker.debian.org/tracker/CVE-2013-4184"
},
{
"url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2013-4184"
},
{
"url": "https://access.redhat.com/security/cve/cve-2013-4184"
},
{
"url": "https://bugs.gentoo.org/show_bug.cgi?id=CVE-2013-4184"
},
{
"url": "http://www.openwall.com/lists/oss-security/2013/07/31/4"
},
{
"url": "http://www.securityfocus.com/bid/61534"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86103"
},
{
"name": "FEDORA-2024-3da8ed5be3",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3F2KOK2SM2LFI4BNFOVV2G2XVJQBIMZL/"
},
{
"name": "FEDORA-2024-a58a7e2388",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DTKH3TWUOXBAAZST7364UVZ4UPH4CEO7/"
},
{
"name": "FEDORA-2024-08bb549a36",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MATNG5VP46SXJB2JHAI2LXPUXCYUOYPE/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-4184",
"datePublished": "2019-12-10T00:00:00",
"dateReserved": "2013-06-12T00:00:00",
"dateUpdated": "2024-08-06T16:38:01.486Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}