Lucene search
K

15 matches found

NVD
NVD
added 2 days ago6 views

CVE-2026-49146

App::Ack versions before 3.10.0 for Perl allow memory exhaustion via an unbounded context value in a project .ackrc. ack searches up the directory hierarchy from the current directory for a project .ackrc and loads its options. The -B and -C context options accepted any positive integer, and ack...

7.5CVSS0.0038EPSS
Exploits0References3
CVE
CVE
added 2 days ago33 views

CVE-2026-49146

CVE-2026-49146 affects App::Ack for Perl prior to 3.10.0. A project .ackrc can set --before-context to an unbounded positive integer, causing ack to allocate a before-context buffer of that size and trigger memory exhaustion. Public descriptions specify the attack path: ack searches upward for a ...

7.5CVSS6.1AI score0.0038EPSS
Exploits0References3
Cvelist
Cvelist
added 2 days ago35 views

CVE-2026-49146 App::Ack versions before 3.10.0 for Perl allow memory exhaustion via an unbounded context value in a project .ackrc

App::Ack versions before 3.10.0 for Perl allow memory exhaustion via an unbounded context value in a project .ackrc. ack searches up the directory hierarchy from the current directory for a project .ackrc and loads its options. The -B and -C context options accepted any positive integer, and ack...

0.0038EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added 2 days ago8 views

CVE-2026-49146

App::Ack versions before 3.10.0 for Perl allow memory exhaustion via an unbounded context value in a project .ackrc. ack searches up the directory hierarchy from the current directory for a project .ackrc and loads its options. The -B and -C context options accepted any positive integer, and ack...

7.5CVSS6.1AI score0.0038EPSS
Exploits0
EUVD
EUVD
added 2 days ago3 views

EUVD-2026-42288

App::Ack versions through 3.10.0 for Perl read arbitrary files via --files-from in a project .ackrc. ack searches up the directory hierarchy from the current directory for a project .ackrc and loads its options. The project-source option blocklist in App::Ack::ConfigLoader does not include...

7.5CVSS6AI score0.00329EPSS
Exploits0References1
CVE
CVE
added 2 days ago23 views

CVE-2026-49145

CVE-2026-49145 affects App::Ack for Perl up to version 3.10.0. The flaw arises because ack searches upward for a project .ackrc and loads its options; the project-source blocklist did not include --files-from, allowing a project .ackrc to set --files-from to a path whose listed files ack will rea...

7.5CVSS6AI score0.00329EPSS
Exploits0References2
Cvelist
Cvelist
added 2 days ago35 views

CVE-2026-49145 App::Ack versions through 3.10.0 for Perl read arbitrary files via --files-from in a project .ackrc

App::Ack versions through 3.10.0 for Perl read arbitrary files via --files-from in a project .ackrc. ack searches up the directory hierarchy from the current directory for a project .ackrc and loads its options. The project-source option blocklist in App::Ack::ConfigLoader does not include...

0.00329EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2 days ago9 views

CVE-2026-49145

App::Ack versions through 3.10.0 for Perl read arbitrary files via --files-from in a project .ackrc. ack searches up the directory hierarchy from the current directory for a project .ackrc and loads its options. The project-source option blocklist in App::Ack::ConfigLoader does not include...

7.5CVSS6AI score0.00329EPSS
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2013-6865

Malware in sbrugna...

6.8CVSS6.1AI score0.03101EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2014/06/13 12:0 a.m.29 views

openSUSE Security Update : ack (openSUSE-SU-2014:0142-1)

update to ack 2.12: fixes potential remote code execution via per-project .ackrc files bnc855340 CVE-2013-7069 - prevents the --pager, --regex and --output options from being used from project-level ackrc files, preventing possible code execution when using ack through malicious files - --pager,...

6.8CVSS6.2AI score0.03101EPSS
Exploits0References3
NVD
NVD
added 2013/12/14 5:21 p.m.19 views

CVE-2013-7069

ack 2.00 through 2.1102 allows remote attackers to execute arbitrary code via a 1 --pager, 2 --regex, or 3 --output option in a .ackrc file in a directory to be searched...

6.8CVSS7.5AI score0.03101EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2013/12/14 5:21 p.m.18 views

CVE-2013-7069

ack 2.00 through 2.1102 allows remote attackers to execute arbitrary code via a 1 --pager, 2 --regex, or 3 --output option in a .ackrc file in a directory to be searched...

6.8CVSS6.1AI score0.03101EPSS
Exploits0References2
Prion
Prion
added 2013/12/14 5:21 p.m.9 views

Design/Logic Flaw

ack 2.00 through 2.1102 allows remote attackers to execute arbitrary code via a 1 --pager, 2 --regex, or 3 --output option in a .ackrc file in a directory to be searched...

6.8CVSS8.1AI score0.03101EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2013/12/14 5:21 p.m.4 views

UBUNTU-CVE-2013-7069

ack 2.00 through 2.1102 allows remote attackers to execute arbitrary code via a 1 --pager, 2 --regex, or 3 --output option in a .ackrc file in a directory to be searched...

6.8CVSS6.2AI score0.03101EPSS
Exploits0References3
Cvelist
Cvelist
added 2013/12/14 5:0 p.m.19 views

CVE-2013-7069

ack 2.00 through 2.1102 allows remote attackers to execute arbitrary code via a 1 --pager, 2 --regex, or 3 --output option in a .ackrc file in a directory to be searched...

7.5AI score0.03101EPSS
Exploits0References5
Rows per page
Query Builder