Dancer

dancer

2 CVEs • 2 products

Products (2)

Click to collapse

Toggle

Dancer

dancer

1 CVE

CVEs (2)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2019-1010084 1Dancer 1\ Nov 21, 2024 Jul 17, 2019 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 Dancer::Plugin::SimpleCRUD 1.14 and earlier is affected by: Incorrect Access Control. The impact is: Potential for unathorised access to data. The component is: Incorrect calls to _ensure_auth() wrapper result in authent...Show more Dancer::Plugin::SimpleCRUD 1.14 and earlier is affected by: Incorrect Access Control. The impact is: Potential for unathorised access to data. The component is: Incorrect calls to _ensure_auth() wrapper result in authentication-checking not being applied to al routes.Show less
CVE-2012-5572 1Dancer 1Dancer May 6, 2026 May 30, 2014 N/A· v4 N/A· v3 5.0 MEDIUM· v2 CRLF injection vulnerability in the cookie method (lib/Dancer/Cookie.pm) in Dancer before 1.3114 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a cookie name, a d...Show more CRLF injection vulnerability in the cookie method (lib/Dancer/Cookie.pm) in Dancer before 1.3114 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a cookie name, a different vulnerability than CVE-2012-5526.Show less

CVE

VENDORS

PRODUCTS

UPDATED

PUBLISHED

CVSS

CVE-2019-1010084

1Dancer

Nov 21, 2024

Jul 17, 2019

N/A· v4

6.5 MEDIUM· v3

4.0 MEDIUM· v2

Dancer::Plugin::SimpleCRUD 1.14 and earlier is affected by: Incorrect Access Control. The impact is: Potential for unathorised access to data. The component is: Incorrect calls to _ensure_auth() wrapper result in authent...Show more

CVE-2012-5572

1Dancer

May 6, 2026

May 30, 2014

N/A· v4

N/A· v3

5.0 MEDIUM· v2

CRLF injection vulnerability in the cookie method (lib/Dancer/Cookie.pm) in Dancer before 1.3114 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a cookie name, a d...Show more