ROSA LABROSA-SA-2021-1949Advisory ROSA-SA-2021-1949
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.2 High
AI Score
Confidence
High
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.57 Medium
EPSS
Percentile
97.7%
Software: perl 5.16.3
OS: Cobalt 7.9
CVE-ID: CVE-2014-4330
CVE-Crit: MEDIUM
CVE-DESC: The Dumper method in Data :: Dumper before 2.154, which was used in Perl 5.20.1 and earlier, allows context-sensitive attackers to cause a denial of service (stack consumption and failure) via an array reference with many nested Array References that trigger a large number of recursive calls to the DD_dump function.
CVE-STATUS: default
CVE-REV: default
CVE-ID: CVE-2015-8853
CVE-Crit: HIGH
CVE-DESC: The (1) S_reghop3, (2) S_reghop4, and (3) S_reghopmaybe3 functions in regexec.c in Perl before version 5.24.0 allow context-sensitive attackers to cause a denial of service (infinite loop) with utf-8 generated data, as demonstrated by “a \ x80.”
CVE-STATUS: default
CVE-REV: default
CVE-ID: CVE-2016-1238
CVE-Crit: HIGH
CVE-DESC: (1) cpan / Archive-Tar / bin / ptar, (2) cpan / Archive-Tar / bin / ptardiff, (3) cpan / Archive-Tar / bin / ptargrep, (4) cpan / CPAN / scripts / cpan, (5) cpan / Digest-SHA / shasum, (6) cpan / Encode / bin / enc2xs, (7) cpan / Encode / bin / encguess, (8) cpan / Encode / bin / piconv, (9 ) cpan / Encode / bin / ucmlint, (10) cpan / Encode / bin / unidump, (11) cpan / ExtUtils-MakeMaker / bin / instmodsh, (12) cpan / IO-Compress / bin / zipdetails, (13) cpan / JSON-PP / bin / json_pp, (14) cpan / Test-Harness / bin / proof, (15) dist / ExtUtils-ParseXS / lib / ExtUtils / xsubpp, (16) dist / Module-CoreList / corelist, (17 ) ext / Pod-Html / bin / pod2html, (18) utils / c2ph.PL, (19) utils / h2ph.PL, (20) utils / h2xs.PL, (21) utils / libnetcfg.PL, (22) utils / perlbug.PL, (23) utils / perldoc.PL, (24) utils / perlivp.PL, and (25) utils / splain.PL in Perl 5.x to 5.22.3-RC2 and 5.24 to 5.24.1 -RC2 not properly removed. (dot) at the end of the include directory array, which may allow local users to gain privileges via a Trojan horse module in the current working directory.
CVE-STATUS: default
CVE-REV: default
CVE-ID: CVE-2016-1238
CVE-Crit: HIGH
CVE-DESC: (1) cpan / Archive-Tar / bin / ptar, (2) cpan / Archive-Tar / bin / ptardiff, (3) cpan / Archive-Tar / bin / ptargrep, (4) cpan / CPAN / scripts / cpan, (5) cpan / Digest-SHA / shasum, (6) cpan / Encode / bin / enc2xs, (7) cpan / Encode / bin / encguess, (8) cpan / Encode / bin / piconv, (9 ) cpan / Encode / bin / ucmlint, (10) cpan / Encode / bin / unidump, (11) cpan / ExtUtils-MakeMaker / bin / instmodsh, (12) cpan / IO-Compress / bin / zipdetails, (13) cpan / JSON-PP / bin / json_pp, (14) cpan / Test-Harness / bin / proof, (15) dist / ExtUtils-ParseXS / lib / ExtUtils / xsubpp, (16) dist / Module-CoreList / corelist, (17 ) ext / Pod-Html / bin / pod2html, (18) utils / c2ph.PL, (19) utils / h2ph.PL, (20) utils / h2xs.PL, (21) utils / libnetcfg.PL, (22) utils / perlbug.PL, (23) utils / perldoc.PL, (24) utils / perlivp.PL, and (25) utils / splain.PL in Perl 5.x to 5.22.3-RC2 and 5.24 to 5.24.1 -RC2 not properly removed. (dot) at the end of the include directory array, which may allow local users to gain privileges via a Trojan horse module in the current working directory.
CVE-STATUS: default
CVE-REV: default
CVE-ID: CVE-2016-2381
CVE-Crit: HIGH
CVE-DESC: Perl may allow context-dependent attackers to bypass the child process’s infection defense mechanism by using repeated environment variables in envp.
CVE-STATUS: default
CVE-REV: default
CVE-ID: CVE-2016-6185
CVE-Crit: HIGH
CVE-DESC: The XSLoader :: load method in XSLoader in Perl incorrectly locates .so files when called on the eval line, which could allow local users to execute arbitrary code via the Trojan horse library in the current working directory.
CVE-STATUS: default
CVE-REV: default
CVE-ID: CVE-2017-12837
CVE-Crit: HIGH
CVE-DESC: Heap-based buffer overflow in S_regatom function in regcomp.c in Perl 5 before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to cause a denial of service. bounds write) via a regular expression with the escape character ‘{\ N {}’ and a case-insensitive modifier.
CVE-STATUS: default
CVE-REV: default
CVE-ID: CVE-2017-12883
CVE-Crit: CRITICAL
CVE-DESC: Buffer overflow in the S_grok_bslash_N function in regcomp.c in Perl 5 before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to disclose sensitive information or cause a denial of service (application crash) via a crafted regular expression with an invalid escape character ‘\ N {U + …}’.
CVE-STATUS: default
CVE-REV: default
CVE-ID: CVE-2018-12015.
CVE-Crit: HIGH
CVE-DESC: In Perl before 5.26.2, the Archive :: Tar module allows remote attackers to bypass the directory traversal protection mechanism and overwrite arbitrary files via an archive file containing a symbolic link and a regular file with the same name.
CVE-STATUS: default
CVE-REV: default
CVE-ID: CVE-2018-18312
CVE-Crit: CRITICAL
CVE-DESC: Perl before 5.26.3 and 5.28.0 before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.
CVE-STATUS: default
CVE-REV: default
CVE-ID: CVE-2018-18313
CVE-Crit: CRITICAL
CVE-DESC: Perl before 5.26.3 has a buffer overflow using a crafted regular expression that triggers the disclosure of sensitive information from process memory.
CVE-STATUS: default
CVE-REV: default
CVE-ID: CVE-2018-18314
CVE-Crit: CRITICAL
CVE-DESC: Perl before 5.26.3 has a buffer overflow via a crafted regular expression that triggers invalid write operations.
CVE-STATUS: default
CVE-REV: default
CVE-ID: CVE-2018-6913
CVE-Crit: CRITICAL
CVE-DESC: Heap-based buffer overflow in the pack function in Perl before 5.26.2 allows context-dependent attackers to execute arbitrary code using a large number of elements.
CVE-STATUS: default
CVE-REV: default
CVE-ID: CVE-2020-10543
CVE-Crit: HIGH
CVE-DESC: Perl before 5.30.3 on 32-bit platforms allows heap-based buffer overflows because nested regular expression quantifiers have integer overflow.
CVE-STATUS: default
CVE-REV: default
CVE-ID: CVE-2020-10878
CVE-Crit: HIGH
CVE-DESC: Perl before 5.30.3 has an integer overflow associated with improper handling of the “PL_regkind [OP (n)] == NOTHING” situation. The regular expression created can cause bytecode corruption with the possibility of instruction injection.
CVE-STATUS: default
CVE-REV: default
CVE-ID: CVE-2020-12723
CVE-Crit: HIGH
CVE-DESC: regcomp.c in Perl before 5.30.3 allows buffer overflow via created regular expression due to recursive calls to S_study_chunk.
CVE-STATUS: default
CVE-REV: default
Related
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.2 High
AI Score
Confidence
High
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.57 Medium
EPSS
Percentile
97.7%