{"url":"http://public2.vulnerablecode.io/api/packages/101345?format=json","purl":"pkg:deb/debian/libcgi-simple-perl@1.115-2?distro=trixie","type":"deb","namespace":"debian","name":"libcgi-simple-perl","version":"1.115-2","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"1.280-2+deb12u1","latest_non_vulnerable_version":"1.282-1","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/75634?format=json","vulnerability_id":"VCID-w132-dmwg-hffb","summary":"CGI::Simple versions before 1.282 for Perl has a HTTP response splitting flaw This vulnerability is a confirmed HTTP response splitting flaw in CGI::Simple that allows HTTP response header injection, which can be used for reflected XSS or open redirect under certain conditions.  Although some validation exists, it can be bypassed using URL-encoded values, allowing an attacker to inject untrusted content into the response via query parameters.    As a result, an attacker can inject a line break (e.g. %0A) into the parameter value, causing the server to split the HTTP response and inject arbitrary headers or even an HTML/JavaScript body, leading to reflected cross-site scripting (XSS), open redirect or other attacks.  The issue documented in CVE-2010-4410 https://www.cve.org/CVERecord?id=CVE-2010-4410 is related but the fix was incomplete.  Impact  By injecting %0A (newline) into a query string parameter, an attacker can:    *  Break the current HTTP header   *  Inject a new header or entire body   *  Deliver a script payload that is reflected in the server’s response That can lead to the following attacks:    *  reflected XSS   *  open redirect   *  cache poisoning   *  header manipulation","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-40927","reference_id":"","reference_type":"","scores":[{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.46569","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.46535","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.46524","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.46549","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.4657","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-40927"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-40927","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-40927"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2320","reference_id":"cvename.cgi?name=CVE-2004-2320","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-29T13:18:01Z/"}],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2320"},{"reference_url":"https://rt.perl.org/Public/Bug/Display.html?id=21951","reference_id":"Display.html?id=21951","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-29T13:18:01Z/"}],"url":"https://rt.perl.org/Public/Bug/Display.html?id=21951"},{"reference_url":"https://metacpan.org/release/MANWAR/CGI-Simple-1.281/diff/MANWAR/CGI-Simple-1.282/lib/CGI/Simple.pm","reference_id":"Simple.pm","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-29T13:18:01Z/"}],"url":"https://metacpan.org/release/MANWAR/CGI-Simple-1.281/diff/MANWAR/CGI-Simple-1.282/lib/CGI/Simple.pm"},{"reference_url":"https://metacpan.org/release/MANWAR/CGI-Simple-1.281/source/lib/CGI/Simple.pm#L1031-1035","reference_id":"Simple.pm#L1031-1035","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-29T13:18:01Z/"}],"url":"https://metacpan.org/release/MANWAR/CGI-Simple-1.281/source/lib/CGI/Simple.pm#L1031-1035"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/101343?format=json","purl":"pkg:deb/debian/libcgi-simple-perl@1.280-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libcgi-simple-perl@1.280-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/101347?format=json","purl":"pkg:deb/debian/libcgi-simple-perl@1.282-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libcgi-simple-perl@1.282-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/101346?format=json","purl":"pkg:deb/debian/libcgi-simple-perl@1.282-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libcgi-simple-perl@1.282-1%3Fdistro=trixie"}],"aliases":["CVE-2025-40927"],"risk_score":3.3,"exploitability":"0.5","weighted_severity":"6.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-w132-dmwg-hffb"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/75621?format=json","vulnerability_id":"VCID-dyd8-jza8-sbar","summary":"The multipart_init function in (1) CGI.pm before 3.50 and (2) Simple.pm in CGI::Simple 1.112 and earlier uses a hardcoded value of the MIME boundary string in multipart/x-mixed-replace content, which allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via crafted input that contains this value, a different vulnerability than CVE-2010-3172.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2761.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2761.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-2761","reference_id":"","reference_type":"","scores":[{"value":"0.01848","scoring_system":"epss","scoring_elements":"0.8334","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01848","scoring_system":"epss","scoring_elements":"0.83364","published_at":"2026-06-05T12:55:00Z"},{"value":"0.01848","scoring_system":"epss","scoring_elements":"0.83366","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01848","scoring_system":"epss","scoring_elements":"0.83363","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01848","scoring_system":"epss","scoring_elements":"0.83355","published_at":"2026-06-08T12:55:00Z"},{"value":"0.01848","scoring_system":"epss","scoring_elements":"0.83369","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-2761"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2761","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2761"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=606370","reference_id":"606370","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=606370"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=606379","reference_id":"606379","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=606379"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=606995","reference_id":"606995","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=606995"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=658976","reference_id":"658976","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=658976"},{"reference_url":"https://security.gentoo.org/glsa/201110-03","reference_id":"GLSA-201110-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201110-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:0558","reference_id":"RHSA-2011:0558","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:0558"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:1797","reference_id":"RHSA-2011:1797","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:1797"},{"reference_url":"https://usn.ubuntu.com/1129-1/","reference_id":"USN-1129-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1129-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/101344?format=json","purl":"pkg:deb/debian/libcgi-simple-perl@1.111-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libcgi-simple-perl@1.111-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/101345?format=json","purl":"pkg:deb/debian/libcgi-simple-perl@1.115-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-w132-dmwg-hffb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libcgi-simple-perl@1.115-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/101343?format=json","purl":"pkg:deb/debian/libcgi-simple-perl@1.280-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libcgi-simple-perl@1.280-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/101347?format=json","purl":"pkg:deb/debian/libcgi-simple-perl@1.282-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libcgi-simple-perl@1.282-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/101346?format=json","purl":"pkg:deb/debian/libcgi-simple-perl@1.282-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libcgi-simple-perl@1.282-1%3Fdistro=trixie"}],"aliases":["CVE-2010-2761"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dyd8-jza8-sbar"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/75626?format=json","vulnerability_id":"VCID-p7e9-stvc-jbbe","summary":"Unspecified vulnerability in CGI.pm 3.50 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unknown vectors.  NOTE: this issue exists because of an incomplete fix for CVE-2010-2761.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-4411","reference_id":"","reference_type":"","scores":[{"value":"0.01131","scoring_system":"epss","scoring_elements":"0.78665","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01131","scoring_system":"epss","scoring_elements":"0.78692","published_at":"2026-06-05T12:55:00Z"},{"value":"0.01131","scoring_system":"epss","scoring_elements":"0.787","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01131","scoring_system":"epss","scoring_elements":"0.78691","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01131","scoring_system":"epss","scoring_elements":"0.78678","published_at":"2026-06-08T12:55:00Z"},{"value":"0.01131","scoring_system":"epss","scoring_elements":"0.78696","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-4411"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4411","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4411"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=606370","reference_id":"606370","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=606370"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=606379","reference_id":"606379","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=606379"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=606995","reference_id":"606995","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=606995"},{"reference_url":"https://security.gentoo.org/glsa/201110-03","reference_id":"GLSA-201110-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201110-03"},{"reference_url":"https://usn.ubuntu.com/1129-1/","reference_id":"USN-1129-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1129-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/101344?format=json","purl":"pkg:deb/debian/libcgi-simple-perl@1.111-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libcgi-simple-perl@1.111-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/101345?format=json","purl":"pkg:deb/debian/libcgi-simple-perl@1.115-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-w132-dmwg-hffb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libcgi-simple-perl@1.115-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/101343?format=json","purl":"pkg:deb/debian/libcgi-simple-perl@1.280-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libcgi-simple-perl@1.280-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/101347?format=json","purl":"pkg:deb/debian/libcgi-simple-perl@1.282-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libcgi-simple-perl@1.282-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/101346?format=json","purl":"pkg:deb/debian/libcgi-simple-perl@1.282-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libcgi-simple-perl@1.282-1%3Fdistro=trixie"}],"aliases":["CVE-2010-4411"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p7e9-stvc-jbbe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/75624?format=json","vulnerability_id":"VCID-z3kx-yfxn-7yfq","summary":"CRLF injection vulnerability in the header function in (1) CGI.pm before 3.50 and (2) Simple.pm in CGI::Simple 1.112 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via vectors related to non-whitespace characters preceded by newline characters, a different vulnerability than CVE-2010-2761 and CVE-2010-3172.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4410.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4410.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-4410","reference_id":"","reference_type":"","scores":[{"value":"0.00845","scoring_system":"epss","scoring_elements":"0.75143","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00845","scoring_system":"epss","scoring_elements":"0.75173","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00845","scoring_system":"epss","scoring_elements":"0.75176","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00845","scoring_system":"epss","scoring_elements":"0.75169","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00845","scoring_system":"epss","scoring_elements":"0.75155","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00845","scoring_system":"epss","scoring_elements":"0.75182","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-4410"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4410","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4410"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=606370","reference_id":"606370","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=606370"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=606379","reference_id":"606379","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=606379"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=606995","reference_id":"606995","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=606995"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=658976","reference_id":"658976","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=658976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:0558","reference_id":"RHSA-2011:0558","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:0558"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:1797","reference_id":"RHSA-2011:1797","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:1797"},{"reference_url":"https://usn.ubuntu.com/1129-1/","reference_id":"USN-1129-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1129-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/101344?format=json","purl":"pkg:deb/debian/libcgi-simple-perl@1.111-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libcgi-simple-perl@1.111-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/101345?format=json","purl":"pkg:deb/debian/libcgi-simple-perl@1.115-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-w132-dmwg-hffb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libcgi-simple-perl@1.115-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/101343?format=json","purl":"pkg:deb/debian/libcgi-simple-perl@1.280-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libcgi-simple-perl@1.280-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/101347?format=json","purl":"pkg:deb/debian/libcgi-simple-perl@1.282-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libcgi-simple-perl@1.282-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/101346?format=json","purl":"pkg:deb/debian/libcgi-simple-perl@1.282-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libcgi-simple-perl@1.282-1%3Fdistro=trixie"}],"aliases":["CVE-2010-4410"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z3kx-yfxn-7yfq"}],"risk_score":"3.3","resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libcgi-simple-perl@1.115-2%3Fdistro=trixie"}