Email-Address 1.901 Deleted
Security Advisories
CVE-2014-0477
Inefficient regular expression, which allows remote attackers to cause a denial of service (CPU consumption) via an empty quoted string in an RFC 2822 address.
Fixed version: >=1.905
Reported: 2014-07-03
CVE-2018-12558
The parse() method in the Email::Address module through 1.909 for Perl is vulnerable to Algorithmic complexity on specially prepared input, leading to Denial of Service. Prepared special input that caused this problem contained 30 form-field characters ("\f").
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901873
- http://www.openwall.com/lists/oss-security/2018/06/19/3
- http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00012.html
Fixed version: >=1.909
Reported: 2018-06-19
CVE-2014-4720
Email::Address module before 1.904 for Perl uses an inefficient regular expression, which allows remote attackers to cause a denial of service (CPU consumption) via vectors related to "backtracking into the phrase," a different vulnerability than CVE-2014-0477.
Fixed version: >=1.904
Reported: 2014-07-06
Kwalitee Issues
No Core Issues.
- meta_yml_declares_perl_version
-
If you are using Build.PL define the {requires}{perl} = VERSION field. If you are using MakeMaker (Makefile.PL) you should upgrade ExtUtils::MakeMaker to 6.48 and use MIN_PERL_VERSION parameter. Perl::MinimumVersion can help you determine which version of Perl your module needs.
- meta_yml_has_provides
-
Add all modules contained in this distribution to the META.yml field 'provides'. Module::Build or Dist::Zilla::Plugin::MetaProvides do this automatically for you.
Modules
Name | Abstract | Version | View |
---|---|---|---|
Email::Address | RFC 2822 Address Parsing and Creation | 1.901 | metacpan |