Lucene search
Gentoo FoundationMGASA-2014-0406HistoryOct 09, 2014 - 6:06 p.m.
Updated perl packages fix CVE-2014-4330
2014-10-0918:06:16
Gentoo Foundation
advisories.mageia.org
15
0.001 Low
EPSS
Percentile
47.0%
Updated perl package fixes security vulnerability: The Dumper method in Data::Dumper before 2.154, as used in Perl 5.20.1 and earlier, allows context-dependent attackers to cause a denial of service (stack consumption and crash) via an Array-Reference with many nested Array-References, which triggers a large number of recursive calls to the DD_dump function (CVE-2014-4330). Also, the Text::Wrap version provided in perl contains a bug that can lead to a code path that shouldn’t be hit. This can lead to crashes in other software, such as Bugzilla. The Text::Wrap module bundled with Perl has been patched and the Data::Dumper module bundled with Perl has been updated to fix these issues.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Mageia | 4 | noarch | perl | <Â 5.18.1-3.2 | perl-5.18.1-3.2.mga4 |
Related
nessus
nessus
Oracle Solaris Third-Party Patch Update : perl (cve_2014_4330_buffer_errors)
2015-01-19 00:00:00
Fedora 19 : perl-Data-Dumper-2.154-1.fc19 (2014-11428)
2014-10-09 00:00:00
Mandriva Linux Security Advisory : perl (MDVSA-2015:136)
2015-03-30 00:00:00
packetstorm
packetstorm
Perl 5.20.1 Deep Recursion Stack Overflow
2014-09-25 00:00:00
prion
prion
Design/Logic Flaw
2014-09-30 16:55:00
cvelist
cvelist
CVE-2014-4330
2014-09-30 16:00:00
openvas
openvas
Mageia: Security Advisory (MGASA-2014-0406)
2022-01-28 00:00:00
Huawei EulerOS: Security Advisory for perl (EulerOS-SA-2020-2229)
2020-10-21 00:00:00
Mageia: Security Advisory (MGASA-2014-0407)
2022-01-28 00:00:00
cve
cve
CVE-2014-4330
2014-09-30 16:55:00
fedora
fedora
[SECURITY] Fedora 20 Update: perl-Data-Dumper-2.154-1.fc20
2014-09-29 04:06:01
[SECURITY] Fedora 19 Update: perl-Data-Dumper-2.154-1.fc19
2014-10-08 19:17:22
zdt
zdt
Perl 5.20.1 Deep Recursion Stack Overflow Vulnerability
2014-09-25 00:00:00
mageia
mageia
Updated perl package fixes CVE-2014-4330
2014-10-09 18:06:16
Updated perl-Data-Dumper package fixes CVE-2014-4330
2014-10-09 18:06:16
ubuntucve
ubuntucve
CVE-2014-4330
2014-09-30 00:00:00
securityvulns
securityvulns
Perl stack overflow
2014-09-29 00:00:00
LSE Leading Security Experts GmbH - LSE-2014-06-10 - Perl CORE - Deep Recursion Stack Overflow
2014-09-29 00:00:00
ESA-2015-002: Unisphere Central Security Update for Multiple Vulnerabilities
2015-02-02 00:00:00
debiancve
debiancve
CVE-2014-4330
2014-09-30 16:55:00
cloudfoundry
cloudfoundry
USN-2916-1 Perl vulnerabilities | Cloud Foundry
2016-03-24 00:00:00
ubuntu
ubuntu
Perl vulnerabilities
2016-03-02 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1949
2021-07-02 17:41:47