18 matches found
K000149640: Multiple Perl vulnerabilities
Security Advisory Description CVE-2023-31486 HTTP::Tiny before 0.083, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates. CVE-2020-12723 regcomp.c in Perl before 5.30.3 allows a buffer overflow...
BELL-CVE-2017-12837 CVE-2017-12837 does not affect BellSoft software
Bulletin has no description...
Photon OS 1.0: Perl PHSA-2017-0037
An update of the perl package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2017-0037. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid121735;...
Photon OS 1.0: Perl / Ruby PHSA-2017-0037 (deprecated)
An update of perl,ruby packages for PhotonOS has been released. C Tenable Network Security, Inc. @DEPRECATED@ Disabled on 2/7/2019 The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2017-0037. The text itself is copyright C VMware, Inc...
Fedora 27 : 4:perl (2017-7ae07e9f1f)
Update perl:MODULECOMPAT ---- Security fix for CVE-2017-12837 CVE-2017-12883 see Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without...
Updated perl packages fix security vulnerability
John Lightsey and Todd Rinaldo reported that the opportunistic loading of optional modules can make many programs unintentionally load code from the current working directory which might be changed to another directory without the user realising and potentially leading to privilege escalation...
openSUSE Security Update : perl (openSUSE-2017-1304)
This update for perl fixes the following issues : Security issues fixed : - CVE-2017-12837: Heap-based buffer overflow in the Sregatom function in regcomp.c in Perl 5 before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to cause a denial of service out-of-bounds write via a...
Ubuntu 14.04 LTS / 16.04 LTS : Perl vulnerabilities (USN-3478-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3478-1 advisory. Jakub Wilk discovered that Perl incorrectly handled certain regular expressions. An attacker could use this issue to cause Perl to crash,...
USN-3478-1: Perl vulnerabilities
Jakub Wilk discovered that Perl incorrectly handled certain regular expressions. An attacker could use this issue to cause Perl to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2017-12837, CVE-2017-12883...
Fedora Update for perl FEDORA-2017-2008fdd7e2
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
FreeBSD : perl -- multiple vulnerabilities (d9e82328-a129-11e7-987e-4f174049b30a)
SO-AND-SO reports : CVE-2017-12814: $ENV$key stack-based buffer overflow on Windows A possible stack-based buffer overflow in the %ENV code on Windows has been fixed by removing the buffer completely since it was superfluous anyway. CVE-2017-12837: Heap buffer overflow in regular expression...
Debian DSA-3982-1 : perl - security update
Multiple vulnerabilities were discovered in the implementation of the Perl programming language. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2017-12837 Jakub Wilk reported a heap buffer overflow flaw in the regular expression compiler, allowing a...
[SECURITY] [DSA 3982-1] perl security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3982-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso September 21, 2017 https://www.debian.org/security/faq -...
CVE-2017-12837
Heap-based buffer overflow in the Sregatom function in regcomp.c in Perl 5 before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to cause a denial of service out-of-bounds write via a regular expression with a '\N' escape and the case-insensitive modifier...
CVE-2017-12837
Heap-based buffer overflow in the Sregatom function in regcomp.c in Perl 5 before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to cause a denial of service out-of-bounds write via a regular expression with a '\N' escape and the case-insensitive modifier...
CVE-2017-12837
CVE-2017-12837 is a heap-based buffer overflow in Perl’s regex compiler (S_regatom in regcomp.c) affecting Perl 5 before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1. It allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted regular expression containing a '\N{}' esca...
CVE-2017-12837
Heap-based buffer overflow in the Sregatom function in regcomp.c in Perl 5 before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to cause a denial of service out-of-bounds write via a regular expression with a '\N' escape and the case-insensitive modifier...
CVE-2017-12837
A heap write buffer overflow was found in perl's Sregatom function, which is used in the compilation of regular expressions, resulting in the crash of the perl interpreter. An attacker, able to provide a specially crafted regular expression, could cause a denial of service...