CyberSec.Space Logo
Back to CVE Browser

CVE-2012-6142

HIGH
7.5
CVSS Severity Score
EPSS Score0.0130%
EPSS Percentile27.96th
PublishedJun 4, 2014
Last ModifiedMay 6, 2026

Vulnerability Description

Session::Cookie in the HTML::EP module 0.2011 for Perl does not properly use the Storable::thaw function, which allows remote attackers to execute arbitrary code via a crafted request, which is not properly handled when it is deserialized.

Affected Platforms (CPE)

πŸ“¦
Jochen Wiedmann

Html\

= \

References & Advisories

πŸ”— http://seclists.org/oss-sec/2013/q2/318
πŸ”— http://www.securityfocus.com/bid/59833
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/84199
πŸ”— http://seclists.org/oss-sec/2013/q2/318
πŸ”— http://www.securityfocus.com/bid/59833
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/84199

Related Vulnerabilities

CVE-2019-1215310.0

Lack of validation in the HTML parser in RealObjects PDFreactor before 10.1.10722 leads to SSRF, allowing attackers to access netw...

CVE-2021-3267110.0

Flarum is a forum software for building communities. Flarum's translation system allowed for string inputs to be converted into HT...

CVE-2018-1904710.0

mPDF through 7.1.6, if deployed as a web application that accepts arbitrary HTML, allows SSRF, as demonstrated by a '<img src="htt...

CVE-2021-3919910.0

remark-html is an open source nodejs library which compiles Markdown to HTML. In affected versions the documentation of remark-htm...

CVE-2012-6142 Detail & Impact Analysis | CVSS 7.5 (HIGH) | Cyber-Sec.Space | Cyber-Sec.Space