Lincoln D. Stein : Security Vulnerabilities, CVEs,
Crypt::CBC Perl module 2.16 and earlier, when running in RandomIV mode, uses an initialization vector (IV) of 8 bytes, which results in weaker encryption when used with a cipher that requires a larger block size than 8 bytes, such as Rijndael.
Max CVSS
2.6
EPSS Score
1.15%
Published
2006-02-25
Updated
2018-10-18
Directory traversal vulnerability in nph-publish before 1.2 allows remote attackers to overwrite arbitrary files via a .. (dot dot) in the pathname for an upload operation.
Max CVSS
5.0
EPSS Score
0.26%
Published
1999-12-31
Updated
2017-10-10
2 vulnerabilities found