SOAP-Lite 1.01
Security Advisories
CVE-2015-8978
An example attack consists of defining 10 or more XML entities, each defined as consisting of 10 of the previous entity, with the document consisting of a single instance of the largest entity, which expands to one billion copies of the first entity. The amount of computer memory used for handling an external SOAP call would likely exceed that available to the process parsing the XML.
- https://www.securityfocus.com/bid/94487
- https://github.com/redhotpenguin/perl-soaplite/commit/6942fe0d281be1c32c5117605f9c4e8d44f51124
Fixed version: >=1.15
Reported: 2015-07-21
Kwalitee Issues
- use_strict
-
Add 'use strict' (or its equivalents) to all modules, or convince us that your favorite module is well-known enough and people can easily see the modules are strictly written.
Error: SOAP::Lite::Deserializer::XMLSchemaSOAP1_2
- use_warnings
-
Add 'use warnings' (or its equivalents) to all modules, or convince us that your favorite module is well-known enough and people can easily see the modules warn when something bad happens.
Error: Apache::SOAP, Apache::XMLRPC::Lite, SOAP::Constants, SOAP::Lite::Deserializer::XMLSchema1999, SOAP::Lite::Deserializer::XMLSchema2001, SOAP::Lite::Deserializer::XMLSchemaSOAP1_1, SOAP::Lite::Deserializer::XMLSchemaSOAP1_2, SOAP::Lite::Packager, SOAP::Lite::Utils, SOAP::Packager, SOAP::Test, SOAP::Transport::HTTP, SOAP::Transport::IO, SOAP::Transport::LOCAL, SOAP::Transport::LOOPBACK, SOAP::Transport::MAILTO, SOAP::Transport::POP3
- meta_yml_has_provides
-
Add all modules contained in this distribution to the META.yml field 'provides'. Module::Build or Dist::Zilla::Plugin::MetaProvides do this automatically for you.
- has_separate_license_file
-
This is not a critical issue. Currently mainly informative for the CPANTS authors. It might be removed later.
Modules
Name | Abstract | Version | View |
---|---|---|---|
Apache::SOAP | mod_perl-based SOAP server with minimum configuration | 1.01 | metacpan |
Apache::XMLRPC::Lite | mod_perl-based XML-RPC server with minimum configuration | 1.01 | metacpan |
SOAP::Constants | SOAP::Lite provides several variables to allows programmers and users to modify the behavior of SOAP::Lite in specific ways. | 1.01 | metacpan |
SOAP::Lite | Perl's Web Services Toolkit | 1.01 | metacpan |
SOAP::Lite::Deserializer::XMLSchema1999 | metacpan | ||
SOAP::Lite::Deserializer::XMLSchema2001 | metacpan | ||
SOAP::Lite::Deserializer::XMLSchemaSOAP1_1 | metacpan | ||
SOAP::Lite::Deserializer::XMLSchemaSOAP1_2 | metacpan | ||
SOAP::Lite::Packager | this class is an abstract class which allows for multiple types of packaging agents such as MIME and DIME. | metacpan | |
SOAP::Lite::Utils | metacpan | ||
SOAP::Packager | this class is an abstract class which allows for multiple types of packaging agents such as MIME and DIME. | 1.01 | metacpan |
SOAP::Test | Test framework for SOAP::Lite | 1.01 | metacpan |
SOAP::Transport::HTTP | 1.01 | metacpan | |
SOAP::Transport::IO | 1.01 | metacpan | |
SOAP::Transport::LOCAL | 1.01 | metacpan | |
SOAP::Transport::LOOPBACK | Test loopback transport backend (Client only) | metacpan | |
SOAP::Transport::MAILTO | 1.01 | metacpan | |
SOAP::Transport::POP3 | Server side POP3 support for SOAP::Lite | 1.01 | metacpan |
Provides
Name | File | View |
---|---|---|
My::PingPong | lib/SOAP/Test.pm | metacpan |
SOAP | lib/SOAP/Lite.pm | metacpan |
SOAP::Client | lib/SOAP/Lite.pm | metacpan |
SOAP::Cloneable | lib/SOAP/Lite.pm | metacpan |
SOAP::Custom::XML::Data | lib/SOAP/Lite.pm | metacpan |
SOAP::Custom::XML::Deserializer | lib/SOAP/Lite.pm | metacpan |
SOAP::Data | lib/SOAP/Lite.pm | metacpan |
SOAP::Deserializer | lib/SOAP/Lite.pm | metacpan |
SOAP::Fault | lib/SOAP/Lite.pm | metacpan |
SOAP::Header | lib/SOAP/Lite.pm | metacpan |
SOAP::Lite::COM | lib/SOAP/Lite.pm | metacpan |
SOAP::Lite::Packager::DIME | lib/SOAP/Lite/Packager.pm | metacpan |
SOAP::Lite::Packager::MIME | lib/SOAP/Lite/Packager.pm | metacpan |
SOAP::Packager::DIME | lib/SOAP/Packager.pm | metacpan |
SOAP::Packager::MIME | lib/SOAP/Packager.pm | metacpan |
SOAP::Parser | lib/SOAP/Lite.pm | metacpan |
SOAP::SOM | lib/SOAP/Lite.pm | metacpan |
SOAP::Schema | lib/SOAP/Lite.pm | metacpan |
SOAP::Schema::Deserializer | lib/SOAP/Lite.pm | metacpan |
SOAP::Schema::WSDL | lib/SOAP/Lite.pm | metacpan |
SOAP::Serializer | lib/SOAP/Lite.pm | metacpan |
SOAP::Server | lib/SOAP/Lite.pm | metacpan |
SOAP::Server::Object | lib/SOAP/Lite.pm | metacpan |
SOAP::Server::Parameters | lib/SOAP/Lite.pm | metacpan |
SOAP::Test::Server | lib/SOAP/Test.pm | metacpan |
SOAP::Trace | lib/SOAP/Lite.pm | metacpan |
SOAP::Transport | lib/SOAP/Lite.pm | metacpan |
SOAP::Transport::HTTP::Apache | lib/SOAP/Transport/HTTP.pm | metacpan |
SOAP::Transport::HTTP::CGI | lib/SOAP/Transport/HTTP.pm | metacpan |
SOAP::Transport::HTTP::Client | lib/SOAP/Transport/HTTP.pm | metacpan |
SOAP::Transport::HTTP::Daemon | lib/SOAP/Transport/HTTP.pm | metacpan |
SOAP::Transport::HTTP::FCGI | lib/SOAP/Transport/HTTP.pm | metacpan |
SOAP::Transport::HTTP::Server | lib/SOAP/Transport/HTTP.pm | metacpan |
SOAP::Transport::IO::Server | lib/SOAP/Transport/IO.pm | metacpan |
SOAP::Transport::LOCAL::Client | lib/SOAP/Transport/LOCAL.pm | metacpan |
SOAP::Transport::LOOPBACK::Client | lib/SOAP/Transport/LOOPBACK.pm | metacpan |
SOAP::Transport::MAILTO::Client | lib/SOAP/Transport/MAILTO.pm | metacpan |
SOAP::Transport::POP3::Server | lib/SOAP/Transport/POP3.pm | metacpan |
SOAP::Utils | lib/SOAP/Lite.pm | metacpan |
SOAP::XMLSchema1999::Serializer | lib/SOAP/Lite.pm | metacpan |
SOAP::XMLSchema2001::Serializer | lib/SOAP/Lite.pm | metacpan |
SOAP::XMLSchema::Serializer | lib/SOAP/Lite.pm | metacpan |
SOAP::XMLSchemaApacheSOAP::Deserializer | lib/SOAP/Lite.pm | metacpan |