CPANSA-Mojolicious-2018-04: Mojolicious vulnerability
Publisher | giterlizzi | Document category | csaf_informational_advisory |
---|---|---|---|
Initial release date | 2018-08-09T00:00:00 | Engine | CSAF Perl Toolkit 0.25 |
Current release date | 2018-08-09T00:00:00 | Build Date | |
Current version | 1 | Status | final |
CVSS v3.1 Base Score | Severity | Critical | |
Original language | Language | en | |
Also referred to |
Vulnerability Description
This release reverts the addition of stream classes (added in 7.83), which have unfortunately resulted in many Mojolicious applications becoming unstable. While there are no known exploits yet, we've chosen to err on the side of cautiousness and will classify this as a security issue.
giterlizzi
Namespace: https://github.com/giterlizzi/
gdt@cpan.org
References
- CPANSA-Mojolicious-2018-04 JSON self
https://raw.githubusercontent.com/giterlizzi/perl-CPANSA-CSAF/develop/csaf/white/2018/cpansa-mojolicious-2018-04.json - https://github.com/mojolicious/mojo/commit/61f6cbf22c7bf8eb4787bd1014d91ee2416c73e7 external
https://github.com/mojolicious/mojo/commit/61f6cbf22c7bf8eb4787bd1014d91ee2416c73e7
Revision history
Version | Date of the revision | Summary of the revision |
---|---|---|
1 | Thu Aug 9 00:00:00 2018 | First release |
Sharing rules
TLP:WHITE
For the TLP version see: https://www.first.org/tlp/