Plack-Middleware-Security-Simple-v0.11.0

Security Advisories (1)

CVE-2026-9658 (2026-05-28)

Plack::Middleware::Security::Common versions before 0.13.1 for Perl did not block header injections in request paths. The header injection rule was ineffective at blocking header injections in the request paths unless they were double-encoded, for example, GET /path\r\nHTTP/1.1\r\nHost: secret.example.com Note that it is unclear whether request paths with CRLF followed by additional headers would be blocked by reverse proxies, or how they would be processed by Plack-based servers.

https://metacpan.org/release/RRWO/Plack-Middleware-Security-Simple-v0.13.1/changes

Looking for help!

The maintainer of this distribution is looking for people to help them improve this module! If you're interested then please contact them via email.

Changes for version v0.11.0 - 2023-08-03

Exhancements
- Added the exchange_prefixes rule.
Documentation
- Support policy for older Perls is documented.

Documentation

README.md

Modules

Plack::Middleware::Security::Common

A simple security filter for Plack with common rules.

Plack::Middleware::Security::Simple

A simple security filter for Plack

Other files

To install Plack::Middleware::Security::Simple, copy and paste the appropriate command in to your terminal.

cpanm

cpanm Plack::Middleware::Security::Simple

CPAN shell

perl -MCPAN -e shell
install Plack::Middleware::Security::Simple

For more information on module installation, please visit the detailed CPAN module installation guide.

	Global
`s`	Focus search bar
`?`	Bring up this help dialog

	GitHub
`g` `p`	Go to pull requests
`g` `i`	Go to GitHub issues (only if GitHub is preferred repository)

	POD
`g` `a`	Go to author
`g` `c`	Go to changes
`g` `i`	Go to issues
`g` `d`	Go to dist
`g` `r`	Go to repository/SCM
`g` `s`	Go to source
`g` `b`	Go to file browse

Search terms
module: (e.g. module:Plugin)
distribution: (e.g. distribution:Dancer auth)
author: (e.g. author:SONGMU Redis)
version: (e.g. version:1.00)

Looking for help!

Changes for version v0.11.0 - 2023-08-03

Documentation

Modules

Other files

Module Install Instructions

Keyboard Shortcuts