Lucene search
K

135 matches found

OSV
OSV
added 2026/04/03 10:9 a.m.3 views

RHSA-2026:6470 Red Hat Security Advisory: perl-YAML-Syck security update

Bulletin has no description...

7.3CVSS5.9AI score0.00429EPSS
Exploits0References9
NVD
NVD
added 2026/03/28 7:16 p.m.7 views

CVE-2026-3256

HTTP::Session versions before 0.54 for Perl defaults to using insecurely generated session ids. HTTP::Session defaults to using HTTP::Session::ID::SHA1 to generate session ids using a SHA-1 hash seeded with the built-in rand function, the high resolution epoch time, and the PID. The PID will come...

9.8CVSS0.0053EPSS
Exploits0References5
OSV
OSV
added 2026/03/05 2:16 a.m.5 views

ALPINE-CVE-2026-3381

Compress::Raw::Zlib versions through 2.219 for Perl use potentially insecure versions of zlib. Compress::Raw::Zlib includes a copy of the zlib library. Compress::Raw::Zlib version 2.220 includes zlib 1.3.2, which addresses findings fron the 7ASecurity audit of zlib. The includes fixs for...

9.8CVSS5.8AI score0.00548EPSS
Exploits1References1
OSV
OSV
added 2026/03/05 2:16 a.m.5 views

AZL-79362 CVE-2026-3381 affecting package keras 2.11.0-3

Compress::Raw::Zlib versions through 2.219 for Perl use potentially insecure versions of zlib. Compress::Raw::Zlib includes a copy of the zlib library. Compress::Raw::Zlib version 2.220 includes zlib 1.3.2, which addresses findings fron the 7ASecurity audit of zlib. The includes fixs for...

9.8CVSS5.7AI score0.00548EPSS
Exploits1References1
NVD
NVD
added 2026/03/05 2:16 a.m.15 views

CVE-2026-3381

Compress::Raw::Zlib versions through 2.219 for Perl use potentially insecure versions of zlib. Compress::Raw::Zlib includes a copy of the zlib library. Compress::Raw::Zlib version 2.220 includes zlib 1.3.2, which addresses findings fron the 7ASecurity audit of zlib. The includes fixs for...

9.8CVSS0.00548EPSS
Exploits1References7
OSV
OSV
added 2026/03/05 2:16 a.m.9 views

AZL-79296 CVE-2026-3381 affecting package cloud-hypervisor 32.0-7

Compress::Raw::Zlib versions through 2.219 for Perl use potentially insecure versions of zlib. Compress::Raw::Zlib includes a copy of the zlib library. Compress::Raw::Zlib version 2.220 includes zlib 1.3.2, which addresses findings fron the 7ASecurity audit of zlib. The includes fixs for...

9.8CVSS5.8AI score0.00548EPSS
Exploits1References1
OSV
OSV
added 2026/03/05 2:16 a.m.6 views

AZL-79415 CVE-2026-3381 affecting package mariadb-connector-c 3.3.8-3

Compress::Raw::Zlib versions through 2.219 for Perl use potentially insecure versions of zlib. Compress::Raw::Zlib includes a copy of the zlib library. Compress::Raw::Zlib version 2.220 includes zlib 1.3.2, which addresses findings fron the 7ASecurity audit of zlib. The includes fixs for...

9.8CVSS5.8AI score0.00548EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/03/05 12:0 a.m.5 views

PT-2026-23124

Name of the Vulnerable Software and Affected Versions Compress::Raw::Zlib versions through 2.219 Description The software includes a copy of the zlib library, and versions up to 2.219 may use potentially insecure versions of zlib. Version 2.220 includes zlib 1.3.2, which addresses findings from a...

10CVSS5.7AI score0.00548EPSS
Exploits1References99
OSV
OSV
added 2026/02/27 1:16 a.m.2 views

UBUNTU-CVE-2021-4456

Net::CIDR versions before 0.24 for Perl mishandle leading zeros in IP CIDR addresses, which may have unspecified impact. The functions addr2cidr and cidrlookup may return leading zeros in a CIDR string, which may in turn be parsed as octal numbers by subsequent users. In some cases an attacker ma...

6.5CVSS5.8AI score0.00322EPSS
Exploits0References7
OSV
OSV
added 2026/02/27 12:16 a.m.5 views

CVE-2025-40932

Apache::SessionX versions through 2.01 for Perl create insecure session id. Apache::SessionX generates session ids insecurely. The default session id generator in Apache::SessionX::Generate::MD5 returns a MD5 hash seeded with the built-in rand function, the epoch time, and the PID. The PID will...

8.2CVSS5.7AI score
Exploits0References1
CNNVD
CNNVD
added 2026/02/27 12:0 a.m.9 views

Crypt::SysRandom::XS 安全漏洞

Crypt::SysRandom::XS is a Perl library developed by LEONT’s individual developers, designed for generating encrypted random numbers. Versions of Crypt::SysRandom::XS prior to 0.010 contained security vulnerabilities. These vulnerabilities stemmed from the XS function randombytes, which did not...

7.5CVSS5.9AI score0.00295EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/02/22 11:31 p.m.5 views

CVE-2026-2588

Crypt::NaCl::Sodium versions through 2.001 for Perl has an integer overflow flaw on 32-bit systems. Sodium.xs casts a STRLEN sizet to unsigned long long when passing a length pointer to libsodium functions. On 32-bit systems sizet is typically 32-bits while an unsigned long long is at least 64-bi...

5.6AI score0.00346EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/02/16 12:0 a.m.8 views

Maypole 安全漏洞

Maypole is a Perl language library developed by TEEJAY’s individual developers. Versions 2.10 to 2.13 of Maypole contain security vulnerabilities, which stem from insecure session ID generation, potentially leading to session hijacking...

9.8CVSS5.8AI score0.00278EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/02/13 12:0 a.m.8 views

MetaCPAN WWW::OAuth 安全漏洞

MetaCPAN WWW::OAuth is a Perl authentication library developed by the MetaCPAN Foundation. Versions of MetaCPAN WWW::OAuth 1.000 and earlier contained a security vulnerability. This vulnerability stemmed from using the rand function as the default entropy source for encryption functions, which is...

7.3CVSS5.8AI score0.00255EPSS
Exploits0References4
EUVD
EUVD
added 2025/11/27 12:30 a.m.6 views

EUVD-2025-199778

XML-Sig versions 0.27 through 0.67 for Perl incorrectly validates XML files if signatures are omitted. An attacker can remove the signature from the XML document to make it pass the verification check. XML-Sig is a Perl module to validate signatures on XML files. An unsigned XML file should retur...

6.3AI score0.00143EPSS
Exploits0References3
OSV
OSV
added 2025/10/28 7:20 p.m.7 views

USN-7844-1 libyaml-syck-perl vulnerability

It was discovered that YAML::Syck did not properly handle parsing YAML files. An attacker could possibly use this issue to expose sensitive information...

6.5CVSS5.8AI score0.00243EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-27141

Malicious code in bioql PyPI...

7.5CVSS6.3AI score0.00603EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-16304

Malicious code in bioql PyPI...

6.5CVSS6.4AI score0.00306EPSS
Exploits0References3
OSV
OSV
added 2025/10/03 1:22 p.m.5 views

CLSA-2025-1759497739 perl-HTTP-Tiny: Fix of CVE-2023-31486

CVE-2023-31486: fix insecure default TLS configuration - Enable automated tests during build...

8.1CVSS6.9AI score0.01742EPSS
Exploits0References1
OSV
OSV
added 2025/09/30 11:37 a.m.3 views

CVE-2024-58040

Crypt::RandomEncryption for Perl version 0.01 uses insecure rand function during encryption...

9.1CVSS5.8AI score0.00221EPSS
Exploits0References3
Rows per page
Query Builder