Advisory ROSA-SA-2024-2471

software: perl 5.30.3 OS: ROSA-CHROME packageevrstring: perl-5.30.3-22 CVE-ID: CVE-2021-36770 BDU-ID: 2021-05374 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Encode.pm module of the Perl programming language interpreter is related to incorrect search path handling. Exploitation of the...

CVE-2023-31486 affecting package perl 5.30.3-2

CVE-2023-31486 affecting package perl 5.30.3-2. A patched version of the package is available...

CVE-2023-2433

The YARPP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'className' parameter in versions up to, and including, 5.30.3 due to insufficient input sanitization and output escaping. This makes it possible for contributor-level attackers to inject arbitrary web scripts in page...

PT-2023-19525 · WordPress · Yarpp

Name of the Vulnerable Software and Affected Versions: YARPP plugin for WordPress versions up to, and including, 5.30.3 Description: The issue arises from insufficient input sanitization and output escaping, allowing contributor-level attackers to inject arbitrary web scripts via the className...

CVE-2022-4471 YARPP - Yet Another Related Posts Plugin < 5.30.3 - Contributor+ Stored XSS

The YARPP WordPress plugin before 5.30.3 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

Medium: perl

Issue Overview: Perl before 5.30.3 on 32-bit platforms allows a heap-based buffer overflow because nested regular expression quantifiers have an integer overflow. CVE-2020-10543 Perl before 5.30.3 has an integer overflow related to mishandling of a "PLregkindOPn == NOTHING" situation. A crafted...

Huawei EulerOS: Security Advisory for perl (EulerOS-SA-2020-1943)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2020-10543

Perl before 5.30.3 on 32-bit platforms allows a heap-based buffer overflow because nested regular expression quantifiers have an integer overflow. Mitigation To mitigate this flaw, developers should not allow untrusted regular expressions to be compiled by the Perl regular expression compiler...

Buffer overflow

regcomp.c in Perl before 5.30.3 allows a buffer overflow via a crafted regular expression because of recursive Sstudychunk calls...

CVE-2020-12723

regcomp.c in Perl before 5.30.3 allows a buffer overflow via a crafted regular expression because of recursive Sstudychunk calls...

CVE-2020-12723

regcomp.c in Perl before 5.30.3 allows a buffer overflow via a crafted regular expression because of recursive Sstudychunk calls...

CVE-2020-10543

Perl before 5.30.3 on 32-bit platforms allows a heap-based buffer overflow because nested regular expression quantifiers have an integer overflow...