CPANSA-Mojolicious-2021-01: Mojolicious vulnerability
| Publisher | giterlizzi | Document category | csaf_security_advisory |
|---|---|---|---|
| Initial release date | 2021-03-16T00:00:00 | Engine | CSAF Perl Toolkit 0.25 |
| Current release date | 2021-03-16T00:00:00 | Build Date | |
| Current version | 1 | Status | final |
| CVSS v3.1 Base Score | 4.3 | Severity | |
| Original language | Language | en | |
| Also referred to | |||
Vulnerability Description
A bug in format detection can potentially be exploited for a DoS attack.
Vulnerabilities
CVE-2021-47208
Vulnerability DescriptionThe Mojolicious module before 9.11 for Perl has a bug in format detection that can potentially be exploited for denial of service.
| Weakness | CWE-400 : Uncontrolled Resource Consumption |
|---|
Product status
Known affected
| Product | Score | ||||||||
|---|---|---|---|---|---|---|---|---|---|
| Mojolicious less than 9.11 |
|
Fixed
- Mojolicious greater than or equal 9.11
giterlizzi
Namespace: https://github.com/giterlizzi/
gdt@cpan.org
References
- CPANSA-Mojolicious-2021-01 JSON self
https://raw.githubusercontent.com/giterlizzi/perl-CPANSA-CSAF/develop/csaf/white/2021/cpansa-mojolicious-2021-01.json - https://github.com/mojolicious/mojo/issues/1736 external
https://github.com/mojolicious/mojo/issues/1736 - https://github.com/mojolicious/mojo/commit/a0c4576ffb11c235088550de9ba7ac4196e1953c external
https://github.com/mojolicious/mojo/commit/a0c4576ffb11c235088550de9ba7ac4196e1953c - CVE-2021-47208 (NVD) external
https://nvd.nist.gov/vuln/detail/CVE-2021-47208
Revision history
| Version | Date of the revision | Summary of the revision |
|---|---|---|
| 1 | Tue Mar 16 00:00:00 2021 | First release |
Sharing rules
TLP:WHITE
For the TLP version see: https://www.first.org/tlp/