MGASA-2026-0149 Updated perl-WWW-Mechanize-Cached, perl-File-XDG & perl-Path-Tiny packages fix security vulnerabilities

WWW::Mechanize::Cached versions before 2.00 for Perl deserialize cached HTTP responses from a world-writable on-disk cache, enabling local response forgery and code execution...

CVE-2026-41564

CryptX versions before 0.088 for Perl do not reseed the Crypt::PK PRNG state after forking. The Crypt::PK::RSA, Crypt::PK::DSA, Crypt::PK::DH, Crypt::PK::ECC, Crypt::PK::Ed25519 and Crypt::PK::X25519 modules seed a per-object PRNG state in their constructors and reuse it without fork detection. A...

Oracle Linux 9 : perl-XML-Parser (ELSA-2026-7679)

The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2026-7679 advisory. 2.46-9.1.0.1 - Add perlLWP, perlURI, perlURI::file Requires 2.46-9.1 - Fix CVE-2006-10002, CVE-2006-10003 Tenable has extracted the preceding descripti...

Important: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update

An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: perl: perl-5.42.2-524.1.hum1 aarch64, x8664 perl-Attribute-Handlers-1.03-524.1.hum1 noarch perl-AutoLoader-5.74-524.1.hum1 noarch perl-AutoSplit-5.74-524.1.hum1 noarch perl-B-1.89-524.1.hum1...

Moderate: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update

An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: perl: perl-5.42.2-524.hum1 aarch64, x8664 perl-Attribute-Handlers-1.03-524.hum1 noarch perl-AutoLoader-5.74-524.hum1 noarch perl-AutoSplit-5.74-524.hum1 noarch perl-B-1.89-524.hum1 aarch64, x8664...

Mageia: Security Advisory (MGASA-2025-0276)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EUVD-2005-2812

Malware in sbrugna...

CVE-2025-54769

An authenticated, read-only user can upload a file and perform a directory traversal to have the uploaded file placed in a location of their choosing. This can be used to overwrite existing PERL modules within the application to achieve remote code execution RCE by an attacker...

CVE-2025-54769

An authenticated, read-only user can upload a file and perform a directory traversal to have the uploaded file placed in a location of their choosing. This can be used to overwrite existing PERL modules within the application to achieve remote code execution RCE by an attacker...

CVE-2025-54769

An authenticated, read-only user can upload a file and perform a directory traversal to have the uploaded file placed in a location of their choosing. This can be used to overwrite existing PERL modules within the application to achieve remote code execution RCE by an attacker...

perl:5.32 security update

An update is available for module.perl-Params-Check, module.perl-PerlIO-via-QuotedPrint, perl-Fedora-VSP, perl-Module-Build, perl-Math-BigRat, perl-Data-Section, module.perl-inc-latest, module.perl-Term-Cap, module.perl-Package-Generator, module.perl-autodie, perl-Sys-Syslog, perl-Params-Check,...

[slackware-security] perl

New perl packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/perl-5.34.3-i586-1slack15.0.txz: Upgraded. This update fixes bugs and a security issue: Heap-buffer-overflow with tr// Also upgraded Pe...

Fedora: Security Advisory for perl-CPAN (FEDORA-2023-46924e402a)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE CVE-2010-2761

The multipartinit function in 1 CGI.pm before 3.50 and 2 Simple.pm in CGI::Simple 1.112 and earlier uses a hardcoded value of the MIME boundary string in multipart/x-mixed-replace content, which allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks v...

5.32 metadata for the Rocky Linux 8 module matrix (2/4)

An update is available for perl-DBD-Pg, perl-DBI, perl-IO-HTML, perl-LWP-MediaTypes, perl-Data-Dump, perl-FCGI, perl-HTTP-Message, perl-Net-HTTP, perl-File-pushd, perl-Try-Tiny, perl-Digest-HMAC, perl-HTML-Parser, perl-NTLM, perl-Mozilla-CA, perl-IO-Socket-SSL, perl-libwww-perl, perl-Encode-Local...

5.32 metadata for the Rocky Linux 8 module matrix (3/4)

An update is available for perl-DBD-Pg, perl-Parse-PMFile, perl-DBI, perl-DBD-SQLite, perl-YAML, perl-CPAN-DistnameInfo, perl-CPAN-Meta-Check, perl-FCGI, perl-DBD-MySQL, perl-App-cpanminus, perl-File-pushd, perl-String-ShellQuote, perl-Module-CPANfile. This update affects Rocky Linux 8. A Common...

5.32 metadata for the Rocky Linux 8 module matrix (1/4)

An update is available for perl-DBD-Pg, perl-Parse-PMFile, perl-DBI, perl-DBD-SQLite, perl-YAML, perl-CPAN-DistnameInfo, perl-CPAN-Meta-Check, perl-FCGI, perl-DBD-MySQL, perl-App-cpanminus, perl-File-pushd, perl-String-ShellQuote, perl-Module-CPANfile. This update affects Rocky Linux 8. A Common...

Ubuntu 21.04 : Perl vulnerability (USN-5033-1)

The remote Ubuntu 21.04 host has packages installed that are affected by a vulnerability as referenced in the USN-5033-1 advisory. It was discovered that the Perl Encode library incorrectly handled paths. A local attacker could possibly use this issue to trick the library into executing arbitrary...

Update of perl-Pod-Simple, perl-Log-Message-Simple, perl-Object-Accessor, perl-IPC-Cmd, perl-ExtUtils-MakeMaker, perl-Compress-Raw-Zlib, perl-CPAN, perl-CGI, perl-Digest-SHA, perl-Module-Loaded, perl-parent, perl-Module-CoreList, perl-Compress-Raw-Bzip2, perl-File-Fetch, perl-version, perl-ExtUtils-Embed, perl-Locale-Maketext-Simple, perl-Time-HiRes, perl-Module-Load-Conditional, perl-IO-Compress-Bzip2, perl-ExtUtils-CBuilder, perl-Term-UI, perl-Module-Build, perl-Pod-Escapes, perl-IO-Compress-Base, perl-Parse-CPAN-Meta, perl-Time-Piece, perl-Params-Check, perl-Module-Pluggable, perl-Archive-Tar, perl-IO-Compress-Zlib, perl-Package-Constants, perl-Test-Simple, perl-Test-Harness, perl-IO-Zlib, perl-ExtUtils-ParseXS, perl-Archive-Extract, perl-CPANPLUS, perl-Log-Message, perl-Module-Load, perl-Compress-Zlib

...

5.30 bug fix and enhancement update

An update is available for perl-Pod-Perldoc, perl-Pod-Escapes, perl-Devel-PPPort, perl-Pod-Usage, perl-Sub-Exporter, perl-perlfaq, perl-Object-HashBase, perl-CPAN-Meta-YAML, perl-Digest, perl-podlators, perl-bignum, perl-Text-ParseWords, perl-Text-Template, perl-Text-Glob, perl-Pod-Simple,...