Every CVE whose affected-product data names Andy Armstrong Cgi.pm, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2012-5526 — CVSS 5.0 (medium): CGI.pm module before 3.63 for Perl does not properly escape newlines in (1) Set-Cookie or (2) P3P headers, which might allow remote…
CVE-2010-2761 — CVSS 4.3 (medium): The multipart_init function in (1) CGI.pm before 3.50 and (2) Simple.pm in CGI::Simple 1.112 and earlier uses a hardcoded value of the MIME…
CVE-2010-4410 — CVSS 4.3 (medium): CRLF injection vulnerability in the header function in (1) CGI.pm before 3.50 and (2) Simple.pm in CGI::Simple 1.112 and earlier allows…
CVE-2010-4411 — CVSS 4.3 (medium): Unspecified vulnerability in CGI.pm 3.50 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response…