Aggregates CVE and security vulnerability intelligence across all cpan-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Disclosed issues often relate to vendor risk path handling and vendor risk cross-site scripting; exposure may include vendor impact file overwrite in vendor surface production workloads and vendor surface software deployment contexts.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2011-4117 | The Batch::BatchRun module 1.03 for Perl does not properly handle temporary files. | [email protected] | 7.5 | 1.32% | 2020-01-31 | 2024-11-21 |
| CVE-2011-4116 | _is_safe in the File::Temp module for Perl does not properly handle symlinks. | [email protected] | 3.3 | 0.52% | 2020-01-31 | 2025-08-04 |
| CVE-2011-4115 | Parallel::ForkManager module before 1.0.0 for Perl does not properly handle temporary files. | [email protected] | 7.5 | 1.69% | 2020-01-31 | 2024-11-21 |
| CVE-2008-7315 | UI-Dialog 1.09 and earlier allows remote attackers to execute arbitrary commands. | [email protected] | 9.8 | 3.43% | 2017-10-10 | 2026-05-13 |
| CVE-2004-2332 | Multiple cross-site scripting (XSS) vulnerabilities in CPAN WWW::Form before 1.13 allow remote attackers to inject arbitrary web script or HTML via unknown vectors. | [email protected] | 4.3 | 1.21% | 2004-12-31 | 2026-04-16 |