2 matches found
EUVD-2026-42275
App::Ack versions through 3.10.0 for Perl print unsanitised terminal escape sequences from filenames in several output modes. When ack prints a filename whose basename contains terminal control bytes such as ANSI escape sequences, those bytes reach the terminal unchanged. Version 3.10.0 added a...
Off-by-one Error
Overview Affected versions of this package are vulnerable to Off-by-one Error via the mbedtlspemreadbuffer, mbedtlspkparse and mbedtlspkparsekeyfile functions when processing untrusted PEM input. An attacker can cause a one-byte heap-based buffer underflow by supplying specially crafted PEM data...