Filtered by vendor Perl
Subscriptions
Filtered by product Perl
Subscriptions
Total
56 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2012-1151 | 2 Perl, Redhat | 2 Perl, Enterprise Linux | 2025-04-11 | N/A |
| Multiple format string vulnerabilities in dbdimp.c in DBD::Pg (aka DBD-Pg or libdbd-pg-perl) module before 2.19.0 for Perl allow remote PostgreSQL database servers to cause a denial of service (process crash) via format string specifiers in (1) a crafted database warning to the pg_warn function or (2) a crafted DBD statement to the dbd_st_prepare function. | ||||
| CVE-2012-6329 | 2 Perl, Redhat | 2 Perl, Enterprise Linux | 2025-04-11 | N/A |
| The _compile function in Maketext.pm in the Locale::Maketext implementation in Perl before 5.17.7 does not properly handle backslashes and fully qualified method names during compilation of bracket notation, which allows context-dependent attackers to execute arbitrary commands via crafted input to an application that accepts translation strings from users, as demonstrated by the TWiki application before 5.1.3, and the Foswiki application 1.0.x through 1.0.10 and 1.1.x through 1.1.6. | ||||
| CVE-2011-3599 | 2 Adam Kennedy, Perl | 2 Crypt-dsa, Perl | 2025-04-11 | N/A |
| The Crypt::DSA (aka Crypt-DSA) module 1.17 and earlier for Perl, when /dev/random is absent, uses the Data::Random module, which makes it easier for remote attackers to spoof a signature, or determine the signing key of a signed message, via a brute-force attack. | ||||
| CVE-2023-31486 | 3 Http\, Perl, Redhat | 4 \, Perl, Enterprise Linux and 1 more | 2025-01-30 | 8.1 High |
| HTTP::Tiny before 0.083, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates. | ||||
| CVE-2022-48522 | 1 Perl | 1 Perl | 2024-11-21 | 9.8 Critical |
| In Perl 5.34.0, function S_find_uninit_var in sv.c has a stack-based crash that can lead to remote code execution or local privilege escalation. | ||||
| CVE-2020-12723 | 6 Fedoraproject, Netapp, Opensuse and 3 more | 21 Fedora, Oncommand Workflow Automation, Snap Creator Framework and 18 more | 2024-11-21 | 7.5 High |
| regcomp.c in Perl before 5.30.3 allows a buffer overflow via a crafted regular expression because of recursive S_study_chunk calls. | ||||
| CVE-2020-10878 | 6 Fedoraproject, Netapp, Opensuse and 3 more | 22 Fedora, Oncommand Workflow Automation, Snap Creator Framework and 19 more | 2024-11-21 | 8.6 High |
| Perl before 5.30.3 has an integer overflow related to mishandling of a "PL_regkind[OP(n)] == NOTHING" situation. A crafted regular expression could lead to malformed bytecode with a possibility of instruction injection. | ||||
| CVE-2020-10543 | 5 Fedoraproject, Opensuse, Oracle and 2 more | 20 Fedora, Leap, Communications Billing And Revenue Management and 17 more | 2024-11-21 | 8.2 High |
| Perl before 5.30.3 on 32-bit platforms allows a heap-based buffer overflow because nested regular expression quantifiers have an integer overflow. | ||||
| CVE-2018-6913 | 3 Canonical, Debian, Perl | 3 Ubuntu Linux, Debian Linux, Perl | 2024-11-21 | N/A |
| Heap-based buffer overflow in the pack function in Perl before 5.26.2 allows context-dependent attackers to execute arbitrary code via a large item count. | ||||
| CVE-2018-6798 | 4 Canonical, Debian, Perl and 1 more | 6 Ubuntu Linux, Debian Linux, Perl and 3 more | 2024-11-21 | N/A |
| An issue was discovered in Perl 5.22 through 5.26. Matching a crafted locale dependent regular expression can cause a heap-based buffer over-read and potentially information disclosure. | ||||
| CVE-2018-6797 | 4 Canonical, Debian, Perl and 1 more | 6 Ubuntu Linux, Debian Linux, Perl and 3 more | 2024-11-21 | N/A |
| An issue was discovered in Perl 5.18 through 5.26. A crafted regular expression can cause a heap-based buffer overflow, with control over the bytes written. | ||||
| CVE-2018-18314 | 5 Canonical, Debian, Netapp and 2 more | 9 Ubuntu Linux, Debian Linux, E-series Santricity Os Controller and 6 more | 2024-11-21 | N/A |
| Perl before 5.26.3 has a buffer overflow via a crafted regular expression that triggers invalid write operations. | ||||
| CVE-2018-18313 | 6 Apple, Canonical, Debian and 3 more | 10 Mac Os X, Ubuntu Linux, Debian Linux and 7 more | 2024-11-21 | N/A |
| Perl before 5.26.3 has a buffer over-read via a crafted regular expression that triggers disclosure of sensitive information from process memory. | ||||
| CVE-2018-18312 | 5 Canonical, Debian, Netapp and 2 more | 9 Ubuntu Linux, Debian Linux, E-series Santricity Os Controller and 6 more | 2024-11-21 | N/A |
| Perl before 5.26.3 and 5.28.0 before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations. | ||||
| CVE-2018-18311 | 8 Apple, Canonical, Debian and 5 more | 23 Mac Os X, Ubuntu Linux, Debian Linux and 20 more | 2024-11-21 | N/A |
| Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations. | ||||
| CVE-2018-12015 | 7 Apple, Archive\, Canonical and 4 more | 10 Mac Os X, \, Ubuntu Linux and 7 more | 2024-11-21 | N/A |
| In Perl through 5.26.2, the Archive::Tar module allows remote attackers to bypass a directory-traversal protection mechanism, and overwrite arbitrary files, via an archive file containing a symlink and a regular file with the same name. | ||||