CVE-2010-4802

Commands.pm in Mojolicious before 0.999928 does not properly perform CGI environment detection, which has unspecified impact and remote attack vectors.

Published: 2011-05-03 Last update: 2026-04-29 Assigner: [email protected] Source: [email protected]
NVD Status:ModifiedCVE State: published
View at NVD, CVE.org, EUVD

CVE-2010-4802 is rated Moderate Risk (61.3/100): CVSS Critical severity, with medium exploitation likelihood (EPSS 0.49%). Review affected assets and schedule remediation.

Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.

Exploit prediction scoring system (EPSS) score for CVE-2010-4802

EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).

# Date Old EPSS score New EPSS score Delta (New - Old)
1 2025-03-30 1.19% 0.49% -0.69%
2 2025-03-29 0.49% 1.19% +0.69%
3 2025-03-17 0.49%

Full EPSS history (5 records total)

Common vulnerability scoring system (CVSS) metrics for CVE-2010-4802

CVSS metrics for this CVE.

Base score Version Severity Vector Exploitability Impact Score source
10.0 2.0 HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C Click to expand
Access vector (AV:N)
Can be exploited remotely over network reachability.
Access complexity (AC:L)
Exploitation conditions are straightforward and predictable.
Authentication (AU:N)
No authentication is required.
Confidentiality impact (C:C)
Complete confidentiality impact.
Integrity impact (I:C)
Complete integrity impact.
Availability impact (A:C)
Complete availability impact.
 10.0 10.0 [email protected]

Weakness enumeration for CVE-2010-4802

OS Trackers for CVE-2010-4802

vendor priority summary link
debian not yet assigned CVE-2010-4802 not yet assigned priority: Debian including 1 source packages (libmojolicious-perl), 5 status rows across 5 suites (bookworm, bullseye, forky, sid, trixie): resolved 5. https://security-tracker.debian.org/tracker/CVE-2010-4802
ubuntu medium CVE-2010-4802 medium priority: Ubuntu including 1 source packages (libmojolicious-perl), 6 status rows across 6 suites (dapper, hardy, lucid, maverick, natty, upstream): DNE 4, not-affected 1, released 1. https://ubuntu.com/security/CVE-2010-4802

Affected software / configurations for CVE-2010-4802

Vendor Product Version Raw CPE
mojolicious mojolicious <= 0.999927 cpe:2.3:a:mojolicious:mojolicious:*:*:*:*:*:*:*:*
mojolicious mojolicious 0.2 cpe:2.3:a:mojolicious:mojolicious:0.2:*:*:*:*:*:*:*
mojolicious mojolicious 0.3 cpe:2.3:a:mojolicious:mojolicious:0.3:*:*:*:*:*:*:*
mojolicious mojolicious 0.4 cpe:2.3:a:mojolicious:mojolicious:0.4:*:*:*:*:*:*:*
mojolicious mojolicious 0.5 cpe:2.3:a:mojolicious:mojolicious:0.5:*:*:*:*:*:*:*
mojolicious mojolicious 0.6 cpe:2.3:a:mojolicious:mojolicious:0.6:*:*:*:*:*:*:*
mojolicious mojolicious 0.7 cpe:2.3:a:mojolicious:mojolicious:0.7:*:*:*:*:*:*:*
mojolicious mojolicious 0.8 cpe:2.3:a:mojolicious:mojolicious:0.8:*:*:*:*:*:*:*
mojolicious mojolicious 0.8.1 cpe:2.3:a:mojolicious:mojolicious:0.8.1:*:*:*:*:*:*:*
mojolicious mojolicious 0.8.2 cpe:2.3:a:mojolicious:mojolicious:0.8.2:*:*:*:*:*:*:*
mojolicious mojolicious 0.8.3 cpe:2.3:a:mojolicious:mojolicious:0.8.3:*:*:*:*:*:*:*
mojolicious mojolicious 0.8.4 cpe:2.3:a:mojolicious:mojolicious:0.8.4:*:*:*:*:*:*:*
mojolicious mojolicious 0.8.5 cpe:2.3:a:mojolicious:mojolicious:0.8.5:*:*:*:*:*:*:*
mojolicious mojolicious 0.9 cpe:2.3:a:mojolicious:mojolicious:0.9:*:*:*:*:*:*:*
mojolicious mojolicious 0.8006 cpe:2.3:a:mojolicious:mojolicious:0.8006:*:*:*:*:*:*:*
mojolicious mojolicious 0.8007 cpe:2.3:a:mojolicious:mojolicious:0.8007:*:*:*:*:*:*:*
mojolicious mojolicious 0.8008 cpe:2.3:a:mojolicious:mojolicious:0.8008:*:*:*:*:*:*:*
mojolicious mojolicious 0.8009 cpe:2.3:a:mojolicious:mojolicious:0.8009:*:*:*:*:*:*:*
mojolicious mojolicious 0.9001 cpe:2.3:a:mojolicious:mojolicious:0.9001:*:*:*:*:*:*:*
mojolicious mojolicious 0.9002 cpe:2.3:a:mojolicious:mojolicious:0.9002:*:*:*:*:*:*:*
mojolicious mojolicious 0.991231 cpe:2.3:a:mojolicious:mojolicious:0.991231:*:*:*:*:*:*:*
mojolicious mojolicious 0.991232 cpe:2.3:a:mojolicious:mojolicious:0.991232:*:*:*:*:*:*:*
mojolicious mojolicious 0.991233 cpe:2.3:a:mojolicious:mojolicious:0.991233:*:*:*:*:*:*:*
mojolicious mojolicious 0.991234 cpe:2.3:a:mojolicious:mojolicious:0.991234:*:*:*:*:*:*:*
mojolicious mojolicious 0.991235 cpe:2.3:a:mojolicious:mojolicious:0.991235:*:*:*:*:*:*:*
mojolicious mojolicious 0.991236 cpe:2.3:a:mojolicious:mojolicious:0.991236:*:*:*:*:*:*:*
mojolicious mojolicious 0.991237 cpe:2.3:a:mojolicious:mojolicious:0.991237:*:*:*:*:*:*:*
mojolicious mojolicious 0.991238 cpe:2.3:a:mojolicious:mojolicious:0.991238:*:*:*:*:*:*:*
mojolicious mojolicious 0.991239 cpe:2.3:a:mojolicious:mojolicious:0.991239:*:*:*:*:*:*:*
mojolicious mojolicious 0.991240 cpe:2.3:a:mojolicious:mojolicious:0.991240:*:*:*:*:*:*:*
mojolicious mojolicious 0.991241 cpe:2.3:a:mojolicious:mojolicious:0.991241:*:*:*:*:*:*:*
mojolicious mojolicious 0.991242 cpe:2.3:a:mojolicious:mojolicious:0.991242:*:*:*:*:*:*:*
mojolicious mojolicious 0.991243 cpe:2.3:a:mojolicious:mojolicious:0.991243:*:*:*:*:*:*:*
mojolicious mojolicious 0.991244 cpe:2.3:a:mojolicious:mojolicious:0.991244:*:*:*:*:*:*:*
mojolicious mojolicious 0.991245 cpe:2.3:a:mojolicious:mojolicious:0.991245:*:*:*:*:*:*:*
mojolicious mojolicious 0.991246 cpe:2.3:a:mojolicious:mojolicious:0.991246:*:*:*:*:*:*:*
mojolicious mojolicious 0.991250 cpe:2.3:a:mojolicious:mojolicious:0.991250:*:*:*:*:*:*:*
mojolicious mojolicious 0.991251 cpe:2.3:a:mojolicious:mojolicious:0.991251:*:*:*:*:*:*:*
mojolicious mojolicious 0.999901 cpe:2.3:a:mojolicious:mojolicious:0.999901:*:*:*:*:*:*:*
mojolicious mojolicious 0.999902 cpe:2.3:a:mojolicious:mojolicious:0.999902:*:*:*:*:*:*:*
mojolicious mojolicious 0.999903 cpe:2.3:a:mojolicious:mojolicious:0.999903:*:*:*:*:*:*:*
mojolicious mojolicious 0.999904 cpe:2.3:a:mojolicious:mojolicious:0.999904:*:*:*:*:*:*:*
mojolicious mojolicious 0.999905 cpe:2.3:a:mojolicious:mojolicious:0.999905:*:*:*:*:*:*:*
mojolicious mojolicious 0.999906 cpe:2.3:a:mojolicious:mojolicious:0.999906:*:*:*:*:*:*:*
mojolicious mojolicious 0.999907 cpe:2.3:a:mojolicious:mojolicious:0.999907:*:*:*:*:*:*:*
mojolicious mojolicious 0.999908 cpe:2.3:a:mojolicious:mojolicious:0.999908:*:*:*:*:*:*:*
mojolicious mojolicious 0.999909 cpe:2.3:a:mojolicious:mojolicious:0.999909:*:*:*:*:*:*:*
mojolicious mojolicious 0.999910 cpe:2.3:a:mojolicious:mojolicious:0.999910:*:*:*:*:*:*:*
mojolicious mojolicious 0.999911 cpe:2.3:a:mojolicious:mojolicious:0.999911:*:*:*:*:*:*:*
mojolicious mojolicious 0.999912 cpe:2.3:a:mojolicious:mojolicious:0.999912:*:*:*:*:*:*:*
mojolicious mojolicious 0.999913 cpe:2.3:a:mojolicious:mojolicious:0.999913:*:*:*:*:*:*:*
mojolicious mojolicious 0.999914 cpe:2.3:a:mojolicious:mojolicious:0.999914:*:*:*:*:*:*:*
mojolicious mojolicious 0.999920 cpe:2.3:a:mojolicious:mojolicious:0.999920:*:*:*:*:*:*:*
mojolicious mojolicious 0.999921 cpe:2.3:a:mojolicious:mojolicious:0.999921:*:*:*:*:*:*:*
mojolicious mojolicious 0.999922 cpe:2.3:a:mojolicious:mojolicious:0.999922:*:*:*:*:*:*:*
mojolicious mojolicious 0.999923 cpe:2.3:a:mojolicious:mojolicious:0.999923:*:*:*:*:*:*:*
mojolicious mojolicious 0.999924 cpe:2.3:a:mojolicious:mojolicious:0.999924:*:*:*:*:*:*:*
mojolicious mojolicious 0.999925 cpe:2.3:a:mojolicious:mojolicious:0.999925:*:*:*:*:*:*:*
mojolicious mojolicious 0.999926 cpe:2.3:a:mojolicious:mojolicious:0.999926:*:*:*:*:*:*:*

References for CVE-2010-4802

cvelogic Threat Intelligence