|
2020-06-05
|
CVE-2020-12723 |
regcomp.c in Perl before 5.30.3 allows a buffer overflow via a crafted regular expression because of recursive S_study_chunk calls. |
Perl
|
7.5
|
|
|
2020-06-05
|
CVE-2020-10878 |
Perl before 5.30.3 has an integer overflow related to mishandling of a "PL_regkind[OP(n)] == NOTHING" situation. A crafted regular expression could lead to malformed bytecode with a possibility of instruction injection. |
Fedora,
Perl
|
8.6
|
|
|
2020-06-05
|
CVE-2020-10543 |
Perl before 5.30.3 on 32-bit platforms allows a heap-based buffer overflow because nested regular expression quantifiers have an integer overflow. |
Fedora,
Perl
|
8.2
|
|
|
2016-08-02
|
CVE-2016-6185 |
The XSLoader::load method in XSLoader in Perl does not properly locate .so files when called in a string eval, which might allow local users to execute arbitrary code via a Trojan horse library under the current working directory. |
Ubuntu_linux,
Debian_linux,
Fedora,
Solaris,
Perl
|
N/A
|
|
|
2016-04-08
|
CVE-2016-2381 |
Perl might allow context-dependent attackers to bypass the taint protection mechanism in a child process via duplicate environment variables in envp. |
Ubuntu_linux,
Debian_linux,
Opensuse,
Communications_billing_and_revenue_management,
Configuration_manager,
Database_server,
Enterprise_manager_base_platform,
Solaris,
Timesten_in\-Memory_database,
Perl
|
N/A
|
|
|
2018-12-07
|
CVE-2018-18311 |
Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations. |
Mac_os_x,
Ubuntu_linux,
Debian_linux,
Fedora,
Web_gateway,
E\-Series_santricity_os_controller,
Snap_creator_framework,
Snapcenter,
Snapdriver,
Perl,
Enterprise_linux,
Enterprise_linux_desktop,
Enterprise_linux_eus,
Enterprise_linux_server,
Enterprise_linux_server_aus,
Enterprise_linux_server_tus,
Enterprise_linux_workstation,
Openshift_container_platform
|
9.8
|
|
|
|
2018-06-07
|
CVE-2018-12015 |
In Perl through 5.26.2, the Archive::Tar module allows remote attackers to bypass a directory-traversal protection mechanism, and overwrite arbitrary files, via an archive file containing a symlink and a regular file with the same name. |
Mac_os_x,
Archive\:\:tar,
Ubuntu_linux,
Debian_linux,
Data_ontap_edge,
Oncommand_workflow_automation,
Snap_creator_framework,
Snapdrive,
Perl
|
7.5
|
|
|
2018-04-17
|
CVE-2018-6913 |
Heap-based buffer overflow in the pack function in Perl before 5.26.2 allows context-dependent attackers to execute arbitrary code via a large item count. |
Ubuntu_linux,
Debian_linux,
Perl
|
9.8
|
|
|
2018-04-17
|
CVE-2018-6798 |
An issue was discovered in Perl 5.22 through 5.26. Matching a crafted locale dependent regular expression can cause a heap-based buffer over-read and potentially information disclosure. |
Ubuntu_linux,
Debian_linux,
Perl,
Enterprise_linux_server,
Enterprise_linux_workstation
|
7.5
|
|
|
2018-04-17
|
CVE-2018-6797 |
An issue was discovered in Perl 5.18 through 5.26. A crafted regular expression can cause a heap-based buffer overflow, with control over the bytes written. |
Ubuntu_linux,
Debian_linux,
Perl,
Enterprise_linux_server,
Enterprise_linux_workstation
|
9.8
|
|