SOAP-Lite 1.14
Security Advisories
CVE-2015-8978
An example attack consists of defining 10 or more XML entities, each defined as consisting of 10 of the previous entity, with the document consisting of a single instance of the largest entity, which expands to one billion copies of the first entity. The amount of computer memory used for handling an external SOAP call would likely exceed that available to the process parsing the XML.
- https://www.securityfocus.com/bid/94487
- https://github.com/redhotpenguin/perl-soaplite/commit/6942fe0d281be1c32c5117605f9c4e8d44f51124
Fixed version: >=1.15
Reported: 2015-07-21
Kwalitee Issues
- prereq_matches_use
-
List all used modules in META.yml requires
Error:
- MIME::Lite
- meta_yml_declares_perl_version
-
If you are using Build.PL define the {requires}{perl} = VERSION field. If you are using MakeMaker (Makefile.PL) you should upgrade ExtUtils::MakeMaker to 6.48 and use MIN_PERL_VERSION parameter. Perl::MinimumVersion can help you determine which version of Perl your module needs.
- use_warnings
-
Add 'use warnings' (or its equivalents) to all modules, or convince us that your favorite module is well-known enough and people can easily see the modules warn when something bad happens.
Error: Apache::SOAP, SOAP::Constants, SOAP::Lite::Deserializer::XMLSchema1999, SOAP::Lite::Deserializer::XMLSchema2001, SOAP::Lite::Deserializer::XMLSchemaSOAP1_1, SOAP::Lite::Deserializer::XMLSchemaSOAP1_2, SOAP::Lite::Packager, SOAP::Lite::Utils, SOAP::Packager, SOAP::Test, SOAP::Transport::HTTP, SOAP::Transport::IO, SOAP::Transport::LOCAL, SOAP::Transport::LOOPBACK, SOAP::Transport::MAILTO, SOAP::Transport::POP3, SOAP::Transport::TCP
- consistent_version
-
Split the distribution, or fix the version numbers to make them consistent (use the highest version number to avoid version downgrade).
Error: 1.12,1.14
- meta_yml_has_provides
-
Add all modules contained in this distribution to the META.yml field 'provides'. Module::Build or Dist::Zilla::Plugin::MetaProvides do this automatically for you.
Modules
Name | Abstract | Version | View |
---|---|---|---|
Apache::SOAP | mod_perl-based SOAP server with minimum configuration | 1.12 | metacpan |
SOAP::Constants | SOAP::Lite provides several variables to allows programmers and users to modify the behavior of SOAP::Lite in specific ways. | 1.12 | metacpan |
SOAP::Lite | Perl's Web Services Toolkit | 1.14 | metacpan |
SOAP::Lite::Deserializer::XMLSchema1999 | metacpan | ||
SOAP::Lite::Deserializer::XMLSchema2001 | metacpan | ||
SOAP::Lite::Deserializer::XMLSchemaSOAP1_1 | metacpan | ||
SOAP::Lite::Deserializer::XMLSchemaSOAP1_2 | metacpan | ||
SOAP::Lite::Packager | this class is an abstract class which allows for multiple types of packaging agents such as MIME and DIME. | metacpan | |
SOAP::Lite::Utils | metacpan | ||
SOAP::Packager | this class is an abstract class which allows for multiple types of packaging agents such as MIME and DIME. | 1.12 | metacpan |
SOAP::Test | Test framework for SOAP::Lite | 1.12 | metacpan |
SOAP::Transport::HTTP | 1.14 | metacpan | |
SOAP::Transport::IO | 1.12 | metacpan | |
SOAP::Transport::LOCAL | 1.12 | metacpan | |
SOAP::Transport::LOOPBACK | Test loopback transport backend (Client only) | metacpan | |
SOAP::Transport::MAILTO | 1.12 | metacpan | |
SOAP::Transport::POP3 | Server side POP3 support for SOAP::Lite | 1.12 | metacpan |
SOAP::Transport::TCP | TCP Transport Support for SOAP::Lite | 1.12 | metacpan |
Provides
Name | File | View |
---|---|---|
My::PingPong | lib/SOAP/Test.pm | metacpan |
SOAP | lib/SOAP/Lite.pm | metacpan |
SOAP::Client | lib/SOAP/Lite.pm | metacpan |
SOAP::Cloneable | lib/SOAP/Lite.pm | metacpan |
SOAP::Custom::XML::Data | lib/SOAP/Lite.pm | metacpan |
SOAP::Custom::XML::Deserializer | lib/SOAP/Lite.pm | metacpan |
SOAP::Data | lib/SOAP/Lite.pm | metacpan |
SOAP::Deserializer | lib/SOAP/Lite.pm | metacpan |
SOAP::Fault | lib/SOAP/Lite.pm | metacpan |
SOAP::Header | lib/SOAP/Lite.pm | metacpan |
SOAP::Lite::COM | lib/SOAP/Lite.pm | metacpan |
SOAP::Lite::Packager::DIME | lib/SOAP/Lite/Packager.pm | metacpan |
SOAP::Lite::Packager::MIME | lib/SOAP/Lite/Packager.pm | metacpan |
SOAP::Packager::DIME | lib/SOAP/Packager.pm | metacpan |
SOAP::Packager::MIME | lib/SOAP/Packager.pm | metacpan |
SOAP::Parser | lib/SOAP/Lite.pm | metacpan |
SOAP::SOM | lib/SOAP/Lite.pm | metacpan |
SOAP::Schema | lib/SOAP/Lite.pm | metacpan |
SOAP::Schema::Deserializer | lib/SOAP/Lite.pm | metacpan |
SOAP::Schema::WSDL | lib/SOAP/Lite.pm | metacpan |
SOAP::Serializer | lib/SOAP/Lite.pm | metacpan |
SOAP::Server | lib/SOAP/Lite.pm | metacpan |
SOAP::Server::Object | lib/SOAP/Lite.pm | metacpan |
SOAP::Server::Parameters | lib/SOAP/Lite.pm | metacpan |
SOAP::Test::Server | lib/SOAP/Test.pm | metacpan |
SOAP::Trace | lib/SOAP/Lite.pm | metacpan |
SOAP::Transport | lib/SOAP/Lite.pm | metacpan |
SOAP::Transport::HTTP::Apache | lib/SOAP/Transport/HTTP.pm | metacpan |
SOAP::Transport::HTTP::CGI | lib/SOAP/Transport/HTTP.pm | metacpan |
SOAP::Transport::HTTP::Client | lib/SOAP/Transport/HTTP.pm | metacpan |
SOAP::Transport::HTTP::Daemon | lib/SOAP/Transport/HTTP.pm | metacpan |
SOAP::Transport::HTTP::FCGI | lib/SOAP/Transport/HTTP.pm | metacpan |
SOAP::Transport::HTTP::Server | lib/SOAP/Transport/HTTP.pm | metacpan |
SOAP::Transport::IO::Server | lib/SOAP/Transport/IO.pm | metacpan |
SOAP::Transport::LOCAL::Client | lib/SOAP/Transport/LOCAL.pm | metacpan |
SOAP::Transport::LOOPBACK::Client | lib/SOAP/Transport/LOOPBACK.pm | metacpan |
SOAP::Transport::MAILTO::Client | lib/SOAP/Transport/MAILTO.pm | metacpan |
SOAP::Transport::POP3::Server | lib/SOAP/Transport/POP3.pm | metacpan |
SOAP::Transport::TCP::Client | lib/SOAP/Transport/TCP.pm | metacpan |
SOAP::Transport::TCP::Server | lib/SOAP/Transport/TCP.pm | metacpan |
SOAP::Utils | lib/SOAP/Lite.pm | metacpan |
SOAP::XMLSchema1999::Serializer | lib/SOAP/Lite.pm | metacpan |
SOAP::XMLSchema2001::Serializer | lib/SOAP/Lite.pm | metacpan |
SOAP::XMLSchema::Serializer | lib/SOAP/Lite.pm | metacpan |
SOAP::XMLSchemaApacheSOAP::Deserializer | lib/SOAP/Lite.pm | metacpan |
URI::tcp | lib/SOAP/Transport/TCP.pm | metacpan |