17607 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-57432
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Perl versions through 5.43.10 have an integer overflow in Smeasurestruct leading to an out-of-bounds heap read in pack and unpack. Smeasurestruct adds each item...
PT-2026-57917
Crypt::OpenSSL::X509 versions before 2.1.3 for Perl allow denial of service via NULL pointer dereference. X509V3 EXT d2iext returns NULL when an extension's DER value fails to parse. basicC, ia5string, and auth att dereference its result without a NULL check. keyid data also dereferences...
ALSA-2026:38512 Important: perl-DBI security update
DBI is a database access Application Programming Interface API for the Perl Language. The DBI API Specification defines a set of functions, variables and conventions that provide a consistent database interface independent of the actual database being used. Security Fixes: DBI: DBI: Buffer overfl...
ALSA-2026:38901 Important: perl-DBI:1.641 security update
The perl-DBI package provides the standard database interface module for the Perl programming language. It implements a database-independent interface, meaning it defines a consistent set of methods, variables, and conventions for database operations. Security Fixes: DBI: DBI: Buffer overflow in...
Linux Distros Unpatched Vulnerability : CVE-2026-13221
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Perl versions through 5.43.9 produce silently incorrect regular expression matches when an alternation of more than 65535 fixed string branches is compiled into...
Linux Distros Unpatched Vulnerability : CVE-2026-57433
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Storable versions before 3.41 for Perl have a signed integer overflow when deserializing a crafted SXHOOK record. retrievehookcommon reads a signed 32-bit item...
[SECURITY] Fedora 43 Update: perl-Crypt-DSA-1.22-1.fc43
Crypt::DSA is an implementation of the DSA Digital Signature Algorithm signature verification system. This package provides DSA signing, signature verification, and key generation. DSA Digital Signature Algorithm signatures are no longer considered to be adequate for security. This module should...
Security update for perl-CGI-Session (moderate)
openSUSE Security Update: Security update for perl-CGI-Session Announcement ID: openSUSE-SU-2026:0240-1 Rating: moderate References: 1269983 Cross-References: CVE-2026-56016 Affected Products: openSUSE Backports SLE-15-SP7 An update that fixes one vulnerability is now available. Description: This...
[SECURITY] Fedora 43 Update: perl-HTML-Gumbo-0.19-1.fc43
Gumbo is an implementation of the HTML5 parsing algorithm implemented as a pure C99 library with no outside dependencies...
SUSE-SU-2026:2845-1 Security update for perl-List-SomeUtils-XS
This update for perl-List-SomeUtils-XS fixes the following issue - CVE-2026-12844: heap buffer overflow in the pairwise function bsc1269210...
OPENSUSE-SU-2026:21293-1 Security update for perl-DBI
This update for perl-DBI fixes the following issues - CVE-2026-14380: unvalidated string eval interpolation of the Profile package name can lead to arbitrary Perl code execution bsc1271018. - CVE-2026-14740: one-byte out-of-bounds read when deleting an initial SQL comment line can lead to a proce...
CVE-2026-10879
A flaw was found in perl-DBI. A heap overflow vulnerability exists when preparsing SQL statements with more than 9 binders. The preparse method incorrectly allocates buffer space for SQL placeholder characters, leading to an overflow when processing binders with two or more digits. This can resul...
[SECURITY] Fedora 44 Update: perl-DBI-1.650-1.fc44
DBI is a database access Application Programming Interface API for the Perl Language. The DBI API Specification defines a set of functions, variables and conventions that provide a consistent database interface independent of the actual database being used...
Linux Distros Unpatched Vulnerability : CVE-2026-14741
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - libhttp-date-perl - None Ubuntu Linux - Unknown description CVE-2026-14741 Note that Nessus relies on the presence of the package as reported by...
Fedora 44 : perl-DBI (2026-9fdda5018f)
The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-9fdda5018f advisory. 1.650 bump - Fix CVE-2026-14739, CVE-2026-14740 and CVE-2026-14380 Tenable has extracted the preceding description block directly from the Fedora...
RHSA-2026:37070 Red Hat Security Advisory: perl:5.32 security update
Bulletin has no description...
perl: Perl threads have a working directory race condition where file operations may target unintended paths
A flaw was found in the Perl standard library threads component. This vulnerability can allow a local attacker to exploit a race condition in directory handling to access files or load code from unexpected locations...
Moderate: Red Hat Security Advisory: perl:5.32 security update
An update for the perl:5.32 module is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common...
SUSE CVE-2026-14380
DBI versions before 1.650 for Perl are vulnerable to code injection via caller-influenced Profile. When a string is assigned to a DBI handle's Profile attribute, DBI splits it into path, package and arguments, and interpolates the package part in a string eval with no validation of the package...
SUSE CVE-2026-14740
DBI versions before 1.650 for Perl read one byte out-of-bounds in preparse when deleting an initial SQL comment. The preparse method normalises SQL and removes comments. When the SQL starts with a comment line, the deletion of that line during normalisation led to an out-of-bounds read by one byt...