Lucene search
+L

54 matches found

mscve
mscve
added yesterday10 views

Perl versions through 5.43.9 produce silently incorrect regular expression matches when an alternation of more than 65535 fixed string branches is compiled into a trie in Perl_study_chunk

...

9.1CVSS6.1AI score0.00606EPSS
Exploits0
mscve
mscve
added yesterday9 views

Perl versions through 5.43.10 have an integer overflow in S_measure_struct leading to an out-of-bounds heap read in pack and unpack

...

8.4CVSS6.1AI score0.00196EPSS
Exploits0
osv
osv
added 3 days ago7 views

UBUNTU-CVE-2026-13221

Perl versions through 5.43.9 produce silently incorrect regular expression matches when an alternation of more than 65535 fixed string branches is compiled into a trie in Perlstudychunk. When such branches are combined into a trie, the delta between the first branch and the shared tail is stored ...

9.1CVSS6.1AI score0.00606EPSS
Exploits0References4
nessus
nessus
added 3 days ago3 views

Linux Distros Unpatched Vulnerability : CVE-2026-57432

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Perl versions through 5.43.10 have an integer overflow in Smeasurestruct leading to an out-of-bounds heap read in pack and unpack. Smeasurestruct adds each item...

8.4CVSS6.2AI score0.00196EPSS
Exploits0References3
nessus
nessus
added 3 days ago2 views

Linux Distros Unpatched Vulnerability : CVE-2026-13221

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Perl versions through 5.43.9 produce silently incorrect regular expression matches when an alternation of more than 65535 fixed string branches is compiled into...

9.1CVSS6.1AI score0.00606EPSS
Exploits0References3
euvd
euvd
added 2026/07/08 12:37 a.m.6 views

EUVD-2026-42124

DBI versions before 1.650 for Perl have a heap overflow when preparsing SQL statements with an extreme number of placeholders. The fix for CVE-2026-10879 did not allocate enough memory to handle approximately 1.2-million placeholders. DBI version 1.650 sets a hard limit of 99,999 placeholders...

6.1AI score0.00396EPSS
Exploits0References4
osv
osv
added 2026/06/18 7:22 a.m.6 views

MGASA-2026-0220 Updated perl packages fix security vulnerabilities

Perl versions through 5.43.10 have a heap buffer overflow when compiling regular expressions with a repeated fixed string on 32-bit builds. CVE-2026-8376...

9.8CVSS5.6AI score0.00398EPSS
Exploits1References4
nessus
nessus
added 2026/06/06 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2026-10725

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Protocol::HTTP2 versions before 1.13 for Perl is vulnerable to a HTTP/2 Bomb. Protocol::HTTP2's inbound HPACK path has no header-list size limit, so a small...

7.5CVSS5.7AI score0.00414EPSS
Exploits0References3
vulnrichment
vulnrichment
added 2026/06/04 4:7 p.m.10 views

CVE-2026-49942 Net::CIDR::Set versions through 0.20 for Perl did not validate network masks

Net::CIDR::Set versions through 0.20 for Perl did not validate network masks. The mask portion of a network mask could contain Unicode digits such as the Arabic-Indic One U+0661, or non-digits, which were ignored. This could allow network masks to accept larger networks. Leading zeros were also...

5.8AI score0.00312EPSS
Exploits0References3
osv
osv
added 2026/06/04 4:7 p.m.3 views

CVE-2026-49942 Net::CIDR::Set versions through 0.20 for Perl did not validate network masks

Net::CIDR::Set versions through 0.20 for Perl did not validate network masks. The mask portion of a network mask could contain Unicode digits such as the Arabic-Indic One U+0661, or non-digits, which were ignored. This could allow network masks to accept larger networks. Leading zeros were also...

7.3CVSS6AI score0.00312EPSS
Exploits0References7
nessus
nessus
added 2026/05/27 12:0 a.m.14 views

Linux Distros Unpatched Vulnerability : CVE-2026-42496

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Archive::Tar versions before 3.08 for Perl extract symlinks with attacker controlled targets outside the extraction directory. makespecialfile passes the tar...

9.1CVSS7.1AI score0.0043EPSS
Exploits0References3
osv
osv
added 2026/05/13 12:40 p.m.2 views

CVE-2026-8463 Crypt::Argon2 versions from 0.017 before 0.031 for Perl perform a heap out-of-bounds read in argon2_verify on empty encoded input

Crypt::Argon2 versions from 0.017 before 0.031 for Perl perform a heap out-of-bounds read in argon2verify on empty encoded input. The auto-detect form of argon2verify passes encodedlen - 1 as the length argument to memchr without checking that encodedlen is non-zero. When the encoded string is...

5.3CVSS5.9AI score0.00327EPSS
Exploits0References7
euvd
euvd
added 2026/04/27 12:29 p.m.8 views

EUVD-2026-25833

Text::Minify::XS versions from v0.3.0 before v0.7.8 for Perl have a heap overflow when processing some malformed UTF-8 characters. The minify functions mishandled some malformed UTF-8 characters, leading to heap corruption. Note that the minifyutf8 function is an alias for minnify...

7.5CVSS5.4AI score0.00436EPSS
Exploits0References2
suse
suse
added 2026/04/23 12:10 p.m.4 views

Security update for perl

This update for perl fixes the following issue: CVE-2017-20230: Storable versions before 3.05 for Perl has a stack overflow bsc1262486. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run...

10CVSS5.8AI score0.00641EPSS
Exploits0References4
susecve
susecve
added 2026/03/31 8:38 a.m.6 views

SUSE CVE-2026-4176

Perl versions from 5.9.4 before 5.40.4-RC1, from 5.41.0 before 5.42.2-RC1, from 5.43.0 before 5.43.9 contain a vulnerable version of Compress::Raw::Zlib. Compress::Raw::Zlib is included in the Perl package as a dual-life core module, and is vulnerable to CVE-2026-3381 due to a vendored version of...

9.8CVSS5.9AI score0.00676EPSS
Exploits0References3
nessus
nessus
added 2026/03/31 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-4176

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Perl versions from 5.9.4 before 5.40.4-RC1, from 5.41.0 before 5.42.2-RC1, from 5.43.0 before 5.43.9 contain a vulnerable version of Compress::Raw::Zlib...

9.8CVSS5.9AI score0.00676EPSS
Exploits1References3
nvd
nvd
added 2026/03/29 9:16 p.m.6 views

CVE-2026-4176

Perl versions from 5.9.4 before 5.40.4-RC1, from 5.41.0 before 5.42.2-RC1, from 5.43.0 before 5.43.9 contain a vulnerable version of Compress::Raw::Zlib. Compress::Raw::Zlib is included in the Perl package as a dual-life core module, and is vulnerable to CVE-2026-3381 due to a vendored version of...

9.8CVSS0.00676EPSS
Exploits0References7
vulnrichment
vulnrichment
added 2026/03/29 8:50 p.m.10 views

CVE-2026-4176 Perl versions from 5.9.4 before 5.40.4-RC1, from 5.41.0 before 5.42.2-RC1, from 5.43.0 before 5.43.9 contain a vulnerable version of Compress::Raw::Zlib

Perl versions from 5.9.4 before 5.40.4-RC1, from 5.41.0 before 5.42.2-RC1, from 5.43.0 before 5.43.9 contain a vulnerable version of Compress::Raw::Zlib. Compress::Raw::Zlib is included in the Perl package as a dual-life core module, and is vulnerable to CVE-2026-3381 due to a vendored version of...

5.9AI score0.00676EPSS
Exploits1References6
debiancve
debiancve
added 2026/03/29 8:50 p.m.4 views

CVE-2026-4176

Perl versions from 5.9.4 before 5.40.4-RC1, from 5.41.0 before 5.42.2-RC1, from 5.43.0 before 5.43.9 contain a vulnerable version of Compress::Raw::Zlib. Compress::Raw::Zlib is included in the Perl package as a dual-life core module, and is vulnerable to CVE-2026-3381 due to a vendored version of...

9.8CVSS5.3AI score0.00676EPSS
Exploits0
attackerkb
attackerkb
added 2026/03/29 8:50 p.m.15 views

CVE-2026-4176

Perl versions from 5.9.4 before 5.40.4-RC1, from 5.41.0 before 5.42.2-RC1, from 5.43.0 before 5.43.9 contain a vulnerable version of Compress::Raw::Zlib. Compress::Raw::Zlib is included in the Perl package as a dual-life core module, and is vulnerable to CVE-2026-3381 due to a vendored version of...

9.8CVSS5.9AI score0.00676EPSS
Exploits1References7Affected Software1
Rows per page
Query Builder