Search criteria
2 vulnerabilities by data\
CVE-2021-29662 (GCVE-0-2021-29662)
Vulnerability from cvelistv5 – Published: 2021-03-31 17:28 – Updated: 2024-08-03 22:11
VLAI
Summary
The Data::Validate::IP module through 0.29 for Perl does not properly consider extraneous zero characters at the beginning of an IP address string, which (in some situations) allows attackers to bypass access control that is based on IP addresses.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| https://blog.urth.org/2021/03/29/security-issues-… | x_refsource_MISC |
| https://github.com/houseabsolute/Data-Validate-IP… | x_refsource_MISC |
| https://sick.codes/sick-2021-018/ | x_refsource_MISC |
| https://github.com/houseabsolute/Data-Validate-IP | x_refsource_MISC |
| https://github.com/sickcodes/security/blob/master… | x_refsource_MISC |
| https://security.netapp.com/advisory/ntap-2021060… | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T22:11:06.363Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blog.urth.org/2021/03/29/security-issues-in-perl-ip-address-distros/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/houseabsolute/Data-Validate-IP/commit/3bba13c819d616514a75e089badd75002fd4f14e"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://sick.codes/sick-2021-018/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/houseabsolute/Data-Validate-IP"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/sickcodes/security/blob/master/advisories/SICK-2021-018.md"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20210604-0002/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The Data::Validate::IP module through 0.29 for Perl does not properly consider extraneous zero characters at the beginning of an IP address string, which (in some situations) allows attackers to bypass access control that is based on IP addresses."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-04T09:06:16.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://blog.urth.org/2021/03/29/security-issues-in-perl-ip-address-distros/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/houseabsolute/Data-Validate-IP/commit/3bba13c819d616514a75e089badd75002fd4f14e"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://sick.codes/sick-2021-018/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/houseabsolute/Data-Validate-IP"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/sickcodes/security/blob/master/advisories/SICK-2021-018.md"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20210604-0002/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-29662",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Data::Validate::IP module through 0.29 for Perl does not properly consider extraneous zero characters at the beginning of an IP address string, which (in some situations) allows attackers to bypass access control that is based on IP addresses."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://blog.urth.org/2021/03/29/security-issues-in-perl-ip-address-distros/",
"refsource": "MISC",
"url": "https://blog.urth.org/2021/03/29/security-issues-in-perl-ip-address-distros/"
},
{
"name": "https://github.com/houseabsolute/Data-Validate-IP/commit/3bba13c819d616514a75e089badd75002fd4f14e",
"refsource": "MISC",
"url": "https://github.com/houseabsolute/Data-Validate-IP/commit/3bba13c819d616514a75e089badd75002fd4f14e"
},
{
"name": "https://sick.codes/sick-2021-018/",
"refsource": "MISC",
"url": "https://sick.codes/sick-2021-018/"
},
{
"name": "https://github.com/houseabsolute/Data-Validate-IP",
"refsource": "MISC",
"url": "https://github.com/houseabsolute/Data-Validate-IP"
},
{
"name": "https://github.com/sickcodes/security/blob/master/advisories/SICK-2021-018.md",
"refsource": "MISC",
"url": "https://github.com/sickcodes/security/blob/master/advisories/SICK-2021-018.md"
},
{
"name": "https://security.netapp.com/advisory/ntap-20210604-0002/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20210604-0002/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-29662",
"datePublished": "2021-03-31T17:28:16.000Z",
"dateReserved": "2021-03-31T00:00:00.000Z",
"dateUpdated": "2024-08-03T22:11:06.363Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-4184 (GCVE-0-2013-4184)
Vulnerability from cvelistv5 – Published: 2019-12-10 00:00 – Updated: 2024-08-06 16:38
VLAI
Summary
Perl module Data::UUID from CPAN version 1.219 vulnerable to symlink attacks
Severity
No CVSS data available.
CWE
- attacks
Assigner
References
13 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| libdata-uuid-perl | libdata-uuid-perl |
Affected:
1.219
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:38:01.486Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3F2KOK2SM2LFI4BNFOVV2G2XVJQBIMZL/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DTKH3TWUOXBAAZST7364UVZ4UPH4CEO7/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MATNG5VP46SXJB2JHAI2LXPUXCYUOYPE/"
},
{
"tags": [
"x_transferred"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2013-4184"
},
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2013-4184"
},
{
"tags": [
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/cve-2013-4184"
},
{
"tags": [
"x_transferred"
],
"url": "https://bugs.gentoo.org/show_bug.cgi?id=CVE-2013-4184"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2013/07/31/4"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/61534"
},
{
"tags": [
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86103"
},
{
"name": "FEDORA-2024-3da8ed5be3",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3F2KOK2SM2LFI4BNFOVV2G2XVJQBIMZL/"
},
{
"name": "FEDORA-2024-a58a7e2388",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DTKH3TWUOXBAAZST7364UVZ4UPH4CEO7/"
},
{
"name": "FEDORA-2024-08bb549a36",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MATNG5VP46SXJB2JHAI2LXPUXCYUOYPE/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "libdata-uuid-perl",
"vendor": "libdata-uuid-perl",
"versions": [
{
"status": "affected",
"version": "1.219"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Perl module Data::UUID from CPAN version 1.219 vulnerable to symlink attacks"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "attacks",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-28T03:05:59.982Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"url": "https://security-tracker.debian.org/tracker/CVE-2013-4184"
},
{
"url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2013-4184"
},
{
"url": "https://access.redhat.com/security/cve/cve-2013-4184"
},
{
"url": "https://bugs.gentoo.org/show_bug.cgi?id=CVE-2013-4184"
},
{
"url": "http://www.openwall.com/lists/oss-security/2013/07/31/4"
},
{
"url": "http://www.securityfocus.com/bid/61534"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86103"
},
{
"name": "FEDORA-2024-3da8ed5be3",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3F2KOK2SM2LFI4BNFOVV2G2XVJQBIMZL/"
},
{
"name": "FEDORA-2024-a58a7e2388",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DTKH3TWUOXBAAZST7364UVZ4UPH4CEO7/"
},
{
"name": "FEDORA-2024-08bb549a36",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MATNG5VP46SXJB2JHAI2LXPUXCYUOYPE/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-4184",
"datePublished": "2019-12-10T00:00:00.000Z",
"dateReserved": "2013-06-12T00:00:00.000Z",
"dateUpdated": "2024-08-06T16:38:01.486Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}