Beefy Boxes and Bandwidth Generously Provided by pair Networks
Think about Loose Coupling
 
PerlMonks  

Re: cpan warning for XML::DoubleEncodedEntities

by kcott (Archbishop)
on Dec 30, 2022 at 02:42 UTC ( [id://11149193]=note: print w/replies, xml ) Need Help??


in reply to cpan warning for XML::DoubleEncodedEntities

G'day Aldebaran,

"Fishing for tips"

Take a look at "Perl : Security Vulnerabilities". In particular, CVE-2020-16156 ("CPAN 2.28 allows Signature Verification Bypass."), which (at the time of writing) is at the top of the list.

I seem to recall that, if you follow enough links from ++marto's "Super Search result", you'll get to that CVE information, eventually. I couldn't find it after a brief search, so I've posted it separately.

That whole "Perl : Security Vulnerabilities" page may be of general interest to you; and, I imagine, quite a few other monks.

— Ken

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: note [id://11149193]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others surveying the Monastery: (3)
As of 2024-03-29 15:45 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found