WWW::Mechanize::Cached versions before 2.00 for Perl use a world-writable on-disk cache that deserializes cached HTTP responses via Storable::thaw, enabling local attackers to forge responses and potentially achieve code execution. The default Cache::FileCache backend creates directories under /tmp/FileCache with mode 0777 and no sticky bit, allowing any local user to modify cache entries. An attacker can [truncated]
LWP::UserAgent versions before 6.83 for Perl leak Authorization and Proxy-Authorization headers on cross-origin redirects. On a 3xx response, the redirect handler strips only Host and Cookie before issuing the follow-up request. Caller-supplied Authorization and Proxy-Authorization headers are sent unchanged to the redirect target, including across scheme, host, or port changes. A redirect to an attacker [truncated]
