Filtered by vendor Perl
Subscriptions
Total
67 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-18311 | 8 Apple, Canonical, Debian and 5 more | 23 Mac Os X, Ubuntu Linux, Debian Linux and 20 more | 2024-11-21 | N/A |
| Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations. | ||||
| CVE-2018-12015 | 7 Apple, Archive\, Canonical and 4 more | 10 Mac Os X, \, Ubuntu Linux and 7 more | 2024-11-21 | N/A |
| In Perl through 5.26.2, the Archive::Tar module allows remote attackers to bypass a directory-traversal protection mechanism, and overwrite arbitrary files, via an archive file containing a symlink and a regular file with the same name. | ||||
| CVE-2017-12883 | 1 Perl | 1 Perl | 2024-11-21 | N/A |
| Buffer overflow in the S_grok_bslash_N function in regcomp.c in Perl 5 before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to disclose sensitive information or cause a denial of service (application crash) via a crafted regular expression with an invalid '\N{U+...}' escape. | ||||
| CVE-2017-12837 | 1 Perl | 1 Perl | 2024-11-21 | N/A |
| Heap-based buffer overflow in the S_regatom function in regcomp.c in Perl 5 before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to cause a denial of service (out-of-bounds write) via a regular expression with a '\N{}' escape and the case-insensitive modifier. | ||||
| CVE-2017-12814 | 2 Microsoft, Perl | 2 Windows, Perl | 2024-11-21 | N/A |
| Stack-based buffer overflow in the CPerlHost::Add method in win32/perlhost.h in Perl before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 on Windows allows attackers to execute arbitrary code via a long environment variable. | ||||
| CVE-2016-6185 | 5 Canonical, Debian, Fedoraproject and 2 more | 5 Ubuntu Linux, Debian Linux, Fedora and 2 more | 2024-11-21 | 7.8 High |
| The XSLoader::load method in XSLoader in Perl does not properly locate .so files when called in a string eval, which might allow local users to execute arbitrary code via a Trojan horse library under the current working directory. | ||||
| CVE-2016-2381 | 5 Canonical, Debian, Opensuse and 2 more | 10 Ubuntu Linux, Debian Linux, Opensuse and 7 more | 2024-11-21 | 7.5 High |
| Perl might allow context-dependent attackers to bypass the taint protection mechanism in a child process via duplicate environment variables in envp. | ||||
| CVE-2016-1246 | 3 Dbd-mysql Project, Debian, Perl | 3 Dbd-mysql, Debian Linux, Perl | 2024-11-21 | N/A |
| Buffer overflow in the DBD::mysql module before 4.037 for Perl allows context-dependent attackers to cause a denial of service (crash) via vectors related to an error message. | ||||
| CVE-2016-1238 | 5 Apache, Debian, Fedoraproject and 2 more | 5 Spamassassin, Debian Linux, Fedora and 2 more | 2024-11-21 | 7.8 High |
| (1) cpan/Archive-Tar/bin/ptar, (2) cpan/Archive-Tar/bin/ptardiff, (3) cpan/Archive-Tar/bin/ptargrep, (4) cpan/CPAN/scripts/cpan, (5) cpan/Digest-SHA/shasum, (6) cpan/Encode/bin/enc2xs, (7) cpan/Encode/bin/encguess, (8) cpan/Encode/bin/piconv, (9) cpan/Encode/bin/ucmlint, (10) cpan/Encode/bin/unidump, (11) cpan/ExtUtils-MakeMaker/bin/instmodsh, (12) cpan/IO-Compress/bin/zipdetails, (13) cpan/JSON-PP/bin/json_pp, (14) cpan/Test-Harness/bin/prove, (15) dist/ExtUtils-ParseXS/lib/ExtUtils/xsubpp, (16) dist/Module-CoreList/corelist, (17) ext/Pod-Html/bin/pod2html, (18) utils/c2ph.PL, (19) utils/h2ph.PL, (20) utils/h2xs.PL, (21) utils/libnetcfg.PL, (22) utils/perlbug.PL, (23) utils/perldoc.PL, (24) utils/perlivp.PL, and (25) utils/splain.PL in Perl 5.x before 5.22.3-RC2 and 5.24 before 5.24.1-RC2 do not properly remove . (period) characters from the end of the includes directory array, which might allow local users to gain privileges via a Trojan horse module under the current working directory. | ||||
| CVE-2015-8853 | 2 Fedoraproject, Perl | 2 Fedora, Perl | 2024-11-21 | N/A |
| The (1) S_reghop3, (2) S_reghop4, and (3) S_reghopmaybe3 functions in regexec.c in Perl before 5.24.0 allow context-dependent attackers to cause a denial of service (infinite loop) via crafted utf-8 data, as demonstrated by "a\x80." | ||||
| CVE-2015-8608 | 1 Perl | 1 Perl | 2024-11-21 | 0.0 Low |
| The VDir::MapPathA and VDir::MapPathW functions in Perl 5.22 allow remote attackers to cause a denial of service (out-of-bounds read) and possibly execute arbitrary code via a crafted (1) drive letter or (2) pInName argument. | ||||
| CVE-2015-8607 | 3 Canonical, Debian, Perl | 3 Ubuntu Linux, Debian Linux, Pathtools | 2024-11-21 | N/A |
| The canonpath function in the File::Spec module in PathTools before 3.62, as used in Perl, does not properly preserve the taint attribute of data, which might allow context-dependent attackers to bypass the taint protection mechanism via a crafted string. | ||||
| CVE-2014-4330 | 2 Data Dumper Project, Perl | 2 Data Dumper, Perl | 2024-11-21 | N/A |
| The Dumper method in Data::Dumper before 2.154, as used in Perl 5.20.1 and earlier, allows context-dependent attackers to cause a denial of service (stack consumption and crash) via an Array-Reference with many nested Array-References, which triggers a large number of recursive calls to the DD_dump function. | ||||
| CVE-2014-10402 | 1 Perl | 1 Dbi | 2024-11-21 | 6.1 Medium |
| An issue was discovered in the DBI module through 1.643 for Perl. DBD::File drivers can open files from folders other than those specifically passed via the f_dir attribute in the data source name (DSN). NOTE: this issue exists because of an incomplete fix for CVE-2014-10401. | ||||
| CVE-2014-10401 | 1 Perl | 1 Dbi | 2024-11-21 | 6.1 Medium |
| An issue was discovered in the DBI module before 1.632 for Perl. DBD::File drivers can open files from folders other than those specifically passed via the f_dir attribute. | ||||
| CVE-2013-7491 | 1 Perl | 1 Dbi | 2024-11-21 | 5.3 Medium |
| An issue was discovered in the DBI module before 1.628 for Perl. Stack corruption occurs when a user-defined function requires a non-trivial amount of memory and the Perl stack gets reallocated. | ||||
| CVE-2013-7490 | 2 Canonical, Perl | 2 Ubuntu Linux, Dbi | 2024-11-21 | 5.3 Medium |
| An issue was discovered in the DBI module before 1.632 for Perl. Using many arguments to methods for Callbacks may lead to memory corruption. | ||||
| CVE-2013-7422 | 2 Apple, Perl | 2 Mac Os X, Perl | 2024-11-21 | N/A |
| Integer underflow in regcomp.c in Perl before 5.20, as used in Apple OS X before 10.10.5 and other products, allows context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via a long digit string associated with an invalid backreference within a regular expression. | ||||
| CVE-2013-7329 | 1 Perl | 1 Cgi Application Module | 2024-11-21 | N/A |
| The CGI::Application module before 4.50_50 and 4.50_51 for Perl, when run modes are not specified, allows remote attackers to obtain sensitive information (web queries and environment details) via vectors related to the dump_html function. | ||||
| CVE-2013-1667 | 2 Perl, Redhat | 2 Perl, Enterprise Linux | 2024-11-21 | N/A |
| The rehash mechanism in Perl 5.8.2 through 5.16.x allows context-dependent attackers to cause a denial of service (memory consumption and crash) via a crafted hash key. | ||||