Vulnerabilities (CVE)

Filtered by vendor Apache Subscribe

Filtered by product Mod Perl

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2007-1349	3 Apache, Canonical, Redhat	7 Mod Perl, Ubuntu Linux, Enterprise Linux Desktop and 4 more	2022-02-03	5.0 MEDIUM	N/A
PerlRun.pm in Apache mod_perl before 1.30, and RegistryCooker.pm in mod_perl 2.x, does not properly escape PATH_INFO before use in a regular expression, which allows remote attackers to cause a denial of service (resource consumption) via a crafted URI.
CVE-2009-0796	1 Apache	2 Http Server, Mod Perl	2018-10-10	2.6 LOW	N/A
Cross-site scripting (XSS) vulnerability in Status.pm in Apache::Status and Apache2::Status in mod_perl1 and mod_perl2 for the Apache HTTP Server, when /perl-status is accessible, allows remote attackers to inject arbitrary web script or HTML via the URI.