Fluid Attacks Database

Description

The CGI::Application module before 4.50_50 and 4.50_51 for Perl, when run modes are not specified, allows remote attackers to obtain sensitive information (web queries and environment details) via vectors related to the dump_html function.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
debian 14	libcgi-application-perl	>=0 <4.50-2	4.50-2
debian 11	libcgi-application-perl	>=0 <4.50-2	4.50-2
debian 13	libcgi-application-perl	>=0 <4.50-2	4.50-2
debian 12	libcgi-application-perl	>=0 <4.50-2	4.50-2

Aliases

1. CVE-2013-73292. NVD-2013-73293. OSV-DEBIAN-2013-73294. OSV-2013-73295. SECURITY-TRACKER-CVE-2013-7329

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.