Search CVE reports
81 – 90 of 244 results
Some fixes available 4 of 5
Perl before 5.30.3 has an integer overflow related to mishandling of a "PL_regkind[OP(n)] == NOTHING" situation. A crafted regular expression could lead to malformed bytecode with a possibility of instruction injection. An...
1 affected package
perl
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| perl | — | — | Fixed | Fixed |
Some fixes available 4 of 5
Perl before 5.30.3 on 32-bit platforms allows a heap-based buffer overflow because nested regular expression quantifiers have an integer overflow. An application written in Perl would only be vulnerable to this flaw if it...
1 affected package
perl
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| perl | — | — | Fixed | Fixed |
perl-Convert-ASN1 (aka the Convert::ASN1 module for Perl) through 0.27 allows remote attackers to cause an infinite loop via unexpected input.
1 affected package
libconvert-asn1-perl
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libconvert-asn1-perl | Not affected | Not affected | Vulnerable | Vulnerable |
PerlSpeak through 2.01 allows attackers to execute arbitrary OS commands, as demonstrated by use of system and 2-argument open.
1 affected package
libperlspeak-perl
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libperlspeak-perl | Not in release | Not in release | Not in release | Vulnerable |
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
1 affected package
libmp3-info-perl
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libmp3-info-perl | — | — | — | Ignored |
_is_safe in the File::Temp module for Perl does not properly handle symlinks.
2 affected packages
perl, libfile-temp-perl
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| perl | — | — | — | — |
| libfile-temp-perl | — | — | — | — |
Parallel::ForkManager module before 1.0.0 for Perl does not properly handle temporary files.
1 affected package
libparallel-forkmanager-perl
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libparallel-forkmanager-perl | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
Eval injection vulnerability in the Module-Metadata module before 1.000015 for Perl allows remote attackers to execute arbitrary Perl code via the $Version value.
2 affected packages
libmodule-metadata-perl, perl
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libmodule-metadata-perl | — | — | — | — |
| perl | — | — | — | — |
Not in release
Perl module Data::UUID from CPAN version 1.219 vulnerable to symlink attacks
1 affected package
libdata-uuid-perl
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libdata-uuid-perl | — | — | — | — |
SQL injection vulnerability in Jifty::DBI before 0.68.
1 affected package
libjifty-dbi-perl
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libjifty-dbi-perl | — | — | — | — |