CVE-2010-4802

Commands.pm in Mojolicious before 0.999928 does not properly perform CGI environment detection, which has unspecified impact and remote attack vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
10 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:C/I:C/A:C
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 64%
VendorProductVersion
mojoliciousmojolicious
𝑥
≤ 0.999927
mojoliciousmojolicious
0.2
mojoliciousmojolicious
0.3
mojoliciousmojolicious
0.4
mojoliciousmojolicious
0.5
mojoliciousmojolicious
0.6
mojoliciousmojolicious
0.7
mojoliciousmojolicious
0.8
mojoliciousmojolicious
0.8.1
mojoliciousmojolicious
0.8.2
mojoliciousmojolicious
0.8.3
mojoliciousmojolicious
0.8.4
mojoliciousmojolicious
0.8.5
mojoliciousmojolicious
0.9
mojoliciousmojolicious
0.8006
mojoliciousmojolicious
0.8007
mojoliciousmojolicious
0.8008
mojoliciousmojolicious
0.8009
mojoliciousmojolicious
0.9001
mojoliciousmojolicious
0.9002
mojoliciousmojolicious
0.991231
mojoliciousmojolicious
0.991232
mojoliciousmojolicious
0.991233
mojoliciousmojolicious
0.991234
mojoliciousmojolicious
0.991235
mojoliciousmojolicious
0.991236
mojoliciousmojolicious
0.991237
mojoliciousmojolicious
0.991238
mojoliciousmojolicious
0.991239
mojoliciousmojolicious
0.991240
mojoliciousmojolicious
0.991241
mojoliciousmojolicious
0.991242
mojoliciousmojolicious
0.991243
mojoliciousmojolicious
0.991244
mojoliciousmojolicious
0.991245
mojoliciousmojolicious
0.991246
mojoliciousmojolicious
0.991250
mojoliciousmojolicious
0.991251
mojoliciousmojolicious
0.999901
mojoliciousmojolicious
0.999902
mojoliciousmojolicious
0.999903
mojoliciousmojolicious
0.999904
mojoliciousmojolicious
0.999905
mojoliciousmojolicious
0.999906
mojoliciousmojolicious
0.999907
mojoliciousmojolicious
0.999908
mojoliciousmojolicious
0.999909
mojoliciousmojolicious
0.999910
mojoliciousmojolicious
0.999911
mojoliciousmojolicious
0.999912
mojoliciousmojolicious
0.999913
mojoliciousmojolicious
0.999914
mojoliciousmojolicious
0.999920
mojoliciousmojolicious
0.999921
mojoliciousmojolicious
0.999922
mojoliciousmojolicious
0.999923
mojoliciousmojolicious
0.999924
mojoliciousmojolicious
0.999925
mojoliciousmojolicious
0.999926
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
libmojolicious-perl
bullseye
8.71+dfsg-1
fixed
bookworm
9.31+dfsg-1
fixed
sid
9.38+dfsg-1
fixed
trixie
9.38+dfsg-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
libmojolicious-perl
natty
not-affected
maverick
dne
lucid
dne
hardy
dne
dapper
dne
Common Weakness Enumeration
References
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=622952
http://cpansearch.perl.org/src/KRAIH/Mojolicious-1.20/Changes
http://www.debian.org/security/2011/dsa-2239
https://github.com/kraih/mojo/commit/aa7c8da54b1ebd4ccb64aa66dede7b7cdb381c44
https://github.com/kraih/mojo/commit/b3a1fb453eda447c0bb082cd9eed81bb75a7564a
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=622952
http://cpansearch.perl.org/src/KRAIH/Mojolicious-1.20/Changes
http://www.debian.org/security/2011/dsa-2239
https://github.com/kraih/mojo/commit/aa7c8da54b1ebd4ccb64aa66dede7b7cdb381c44
https://github.com/kraih/mojo/commit/b3a1fb453eda447c0bb082cd9eed81bb75a7564a