24 matches found
EUVD-2015-8484
Malware in sbrugna...
EUVD-2019-9393
Malware in sbrugna...
SUSE CVE-2015-8607
The canonpath function in the File::Spec module in PathTools before 3.62, as used in Perl, does not properly preserve the taint attribute of data, which might allow context-dependent attackers to bypass the taint protection mechanism via a crafted string...
samurai heap buffer overflow vulnerability
samurai is a ninja-compatible build tool written in C. It can be used in a variety of ways, including. A buffer overflow vulnerability exists in the 'canonpath' function of the util.c file in samurai version 0.7. The vulnerability stems from a networked system or product performing operations in...
CVE-2019-19795
samurai 0.7 has a heap-based buffer overflow in canonpath in util.c via a crafted build file...
Heap overflow
samurai 0.7 has a heap-based buffer overflow in canonpath in util.c via a crafted build file...
CVE-2019-19795
samurai 0.7 has a heap-based buffer overflow in canonpath in util.c via a crafted build file...
CVE-2019-19795
CVE-2019-19795 affects the samurai 0.7 build tool. The connected sources describe a heap-based buffer overflow in the canonpath function of util.c triggered by a crafted build file. Concrete impact details across sources indicate memory corruption (heap overflow) with the potential consequences t...
Fedora 22 : perl-PathTools-3.47-312.fc22 (2016-4ca904238f)
This release fixes CVE-2015-8607 losing taint flag in File::Spec::canonpath subroutine. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible witho...
Ubuntu: Security Advisory (USN-2878-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 15.04 / 15.10 : perl vulnerability (USN-2878-1)
David Golden discovered that the canonpath function in the Perl File::Spec module did not properly preserve the taint attribute. An attacker could possibly use this issue to bypass the taint protection mechanism. Note that Tenable Network Security has extracted the preceding description block...
Updated perl and perl-PathTools packages fix security vulnerability
It was reported that File::Spec::canonpath routine returns untainted strings even if passed tainted input. This defect undermines the guarantee of taint propagation, which is sometimes used to ensure that unvalidated user input does not reach sensitive code CVE-2015-8607...
PathTools Security Mechanism Bypass Vulnerability
Perl is a free and powerful cross-platform programming language. PathTools is a set of pattern matching tools for system file paths. The 'canonpath' function in the File::Spec module of PathTools used in Perl fails to properly preserve the taint attribute of the data, allowing remote attackers to...
CVE-2015-8607
The canonpath function in the File::Spec module in PathTools before 3.62, as used in Perl, does not properly preserve the taint attribute of data, which might allow context-dependent attackers to bypass the taint protection mechanism via a crafted string...
DEBIAN-CVE-2015-8607
The canonpath function in the File::Spec module in PathTools before 3.62, as used in Perl, does not properly preserve the taint attribute of data, which might allow context-dependent attackers to bypass the taint protection mechanism via a crafted string...
Design/Logic Flaw
The canonpath function in the File::Spec module in PathTools before 3.62, as used in Perl, does not properly preserve the taint attribute of data, which might allow context-dependent attackers to bypass the taint protection mechanism via a crafted string...
CVE-2015-8607
The canonpath function in the File::Spec module in PathTools before 3.62, as used in Perl, does not properly preserve the taint attribute of data, which might allow context-dependent attackers to bypass the taint protection mechanism via a crafted string...
CVE-2015-8607
CVE-2015-8607 affects the Perl PathTools package, specifically the File::Spec::canonpath() function. The taint propagation bug can cause tainted input to be treated as untainted, potentially allowing unvalidated user data to reach sensitive code paths. The issue is observed in Perl environments u...
UBUNTU-CVE-2015-8607
The canonpath function in the File::Spec module in PathTools before 3.62, as used in Perl, does not properly preserve the taint attribute of data, which might allow context-dependent attackers to bypass the taint protection mechanism via a crafted string...
FreeBSD : p5-PathTools -- File::Spec::canonpath loses taint (333f655a-b93a-11e5-9efa-5453ed2e2b49)
Ricardo Signes reports : Beginning in PathTools 3.47 and/or perl 5.20.0, the File::Spec::canonpath routine returned untained strings even if passed tainted input. This defect undermines the guarantee of taint propagation, which is sometimes used to ensure that unvalidated user input does not reac...