MiracleLinux 8 : perl:5.32 (AXSA:2026-487:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2026-487:01 advisory. perl: Perl threads have a working directory race condition where file operations may target unintended paths CVE-2025-40909 Tenable has extracted the precedin...

Oracle Linux 8 : perl:5.32 (ELSA-2026-8096)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-8096 advisory. - Fix CVE-2025-40909 - Clone dirhandles without fchdir - Fix CVE-2023-47038 - Fix CVE-2021-36770 - mitigate @INC pollution when loading ConfigLocal Tenable has...

RLSA-2026:8096 Moderate: perl:5.32 security update

Perl is a high-level programming language that is commonly used for system administration utilities and web programming. Security Fixes: perl: Perl threads have a working directory race condition where file operations may target unintended paths CVE-2025-40909 For more details about the security...

Moderate: perl:5.32 security update

Perl is a high-level programming language that is commonly used for system administration utilities and web programming. Security Fixes: perl: Perl threads have a working directory race condition where file operations may target unintended paths CVE-2025-40909 For more details about the security...

OESA-2025-1631 perl security update

Perl 5 is a highly capable, feature-rich programming language with over 30 years of development. Perl 5 runs on over 100 platforms from portables to mainframes and is suitable for both rapid prototyping and large scale development projects. Security Fixes: Perl threads have a working directory ra...

OESA-2025-1470 perl security update

Perl 5 is a highly capable, feature-rich programming language with over 30 years of development. Perl 5 runs on over 100 platforms from portables to mainframes and is suitable for both rapid prototyping and large scale development projects. Security Fixes: A heap buffer overflow vulnerability was...

OESA-2023-1928 perl security update

Perl 5 is a highly capable, feature-rich programming language with over 30 years of development. Perl 5 runs on over 100 platforms from portables to mainframes and is suitable for both rapid prototyping and large scale development projects. Security Fixes: In Perl before 5.38.2, Sparseunipropstri...

OESA-2023-1565 perl security update

Perl 5 is a highly capable, feature-rich programming language with over 30 years of development.Perl 5 runs on over 100 platforms from portables to mainframes and is suitable for both rapid prototyping and large scale development projects. Security Fixes: In Perl 5.34.0, function Sfinduninitvar i...

OESA-2023-1287 perl security update

Perl 5 is a highly capable, feature-rich programming language with over 30 years of development. Perl 5 runs on over 100 platforms from portables to mainframes and is suitable for both rapid prototyping and large scale development projects. Security Fixes: CPAN.pm before 2.35 does not verify TLS...

SUSE CVE-2005-0156

Buffer overflow in the PerlIO implementation in Perl 5.8.0, when installed with setuid support sperl, allows local users to execute arbitrary code by setting the PERLIODEBUG variable and executing a Perl script whose full pathname contains a long directory tree...

SUSE CVE-2007-5116

Buffer overflow in the polymorphic opcode support in the Regular Expression Engine regcomp.c in Perl 5.8 allows context-dependent attackers to execute arbitrary code by switching from byte to Unicode UTF characters in a regular expression...

SUSE CVE-2008-2827

The rmtree function in lib/File/Path.pm in Perl 5.10 does not properly check permissions before performing a chmod, which allows local users to modify the permissions of arbitrary files via a symlink attack, a different vulnerability than CVE-2005-0448 and CVE-2004-0452...

SUSE CVE-2012-5195

Heap-based buffer overflow in the Perlrepeatcpy function in util.c in Perl 5.12.x before 5.12.5, 5.14.x before 5.14.3, and 5.15.x before 15.15.5 allows context-dependent attackers to cause a denial of service memory consumption and crash or possibly execute arbitrary code via the 'x' string repea...

CLSA-2022-1657561005 Fixed CVE-2020-12723 in perl-5.10.1

CVE-2020-12723: fix a buffer overflow caused by a crafted regular expression because of recursive Sstudychunk calls...

Perl 代码问题漏洞

Perl is a general-purpose, interpreted, dynamic, cross-platform programming language from the PERL community. A code issue vulnerability exists in Perl 5 that allows an attacker to execute commands with write access to the current directory of a Perl 5 process...

Perl heap overflow vulnerability (CNVD-2019-09594)

Perl is a high-level, general-purpose, interpreted, dynamic programming language. A heap overflow vulnerability exists in SgrokbslashN in 'regcomp.c' in Perl 5.26 during compilation, which can be exploited by a remote attacker to obtain sensitive information via a specially crafted regular...

UBUNTU-CVE-2018-6798

An issue was discovered in Perl 5.22 through 5.26. Matching a crafted locale dependent regular expression can cause a heap-based buffer over-read and potentially information disclosure...

CVE-2017-12837

Heap-based buffer overflow in the Sregatom function in regcomp.c in Perl 5 before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to cause a denial of service out-of-bounds write via a regular expression with a '\N' escape and the case-insensitive modifier...

DEBIAN-CVE-2017-12837

Heap-based buffer overflow in the Sregatom function in regcomp.c in Perl 5 before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to cause a denial of service out-of-bounds write via a regular expression with a '\N' escape and the case-insensitive modifier...

DEBIAN-CVE-2017-12883

Buffer overflow in the SgrokbslashN function in regcomp.c in Perl 5 before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to disclose sensitive information or cause a denial of service application crash via a crafted regular expression with an invalid '\NU+...' escape...