25 matches found
Linux Distros Unpatched Vulnerability : CVE-2017-20230
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Storable versions before 3.05 for Perl has a stack overflow. The retrievehook function stored the length of the class name into a signed integer but in read...
EUVD-2017-18967
Storable versions before 3.05 for Perl has a stack overflow. The retrievehook function stored the length of the class name into a signed integer but in read operations treated the length as unsigned. This allowed an attacker to craft data that could trigger the overflow...
CVE-2017-20230
Storable versions before 3.05 for Perl has a stack overflow. The retrievehook function stored the length of the class name into a signed integer but in read operations treated the length as unsigned. This allowed an attacker to craft data that could trigger the overflow...
UBUNTU-CVE-2017-20230
Storable versions before 3.05 for Perl has a stack overflow. The retrievehook function stored the length of the class name into a signed integer but in read operations treated the length as unsigned. This allowed an attacker to craft data that could trigger the overflow...
CVE-2017-20230
Storable versions before 3.05 for Perl has a stack overflow. The retrievehook function stored the length of the class name into a signed integer but in read operations treated the length as unsigned. This allowed an attacker to craft data that could trigger the overflow...
CVE-2017-20230
CVE-2017-20230 affects Perl’s Storable before 3.05. The issue arises in retrieve_hook, which stores the class-name length as a signed int but reads it as unsigned, enabling crafted data to trigger a stack overflow during read operations. Public reports confirm a high-impact condition (CRITICAL) w...
PT-2026-33993
Name of the Vulnerable Software and Affected Versions Storable versions prior to 3.05 Description A stack overflow exists in the retrieve hook function. The issue occurs because the length of the class name is stored as a signed integer but is treated as unsigned during read operations, allowing ...
Moderate: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update
An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: perl-Storable: perl-Storable-3.37-522.1.hum1 aarch64, x8664 perl-Storable-tests-3.37-522.1.hum1 aarch64, x8664 perl-Storable-3.37-522.1.hum1.src src...
EUVD-2022-47485
Malicious code in bioql PyPI...
CVE-2022-44542
lesspipe before 2.06 allows attackers to execute code via Perl Storable pst files, because of deserialized object destructor execution via a key/value pair in a hash...
lesspipe: Arbitrary Code Exeecution
Background lesspipe is a preprocessor for less. Description lesspipe has support for parsing Perl storable "PST" files, Impact A crafted Perl storable file which is passed into lesspipe could result in arbitrary code execution. Workaround There is no known workaround at this time. Resolution All...
CVE-2022-44542
lesspipe before 2.06 allows attackers to execute code via Perl Storable pst files, because of deserialized object destructor execution via a key/value pair in a hash...
CVE-2022-44542
lesspipe before 2.06 allows attackers to execute code via Perl Storable pst files, because of deserialized object destructor execution via a key/value pair in a hash...
Design/Logic Flaw
lesspipe before 2.06 allows attackers to execute code via Perl Storable pst files, because of deserialized object destructor execution via a key/value pair in a hash...
CVE-2022-44542
CVE-2022-44542 affects lesspipe up to version 2.05; vulnerability arises from handling Perl Storable (pst) files where a crafted PST can trigger deserialized object destructor execution, enabling remote code execution. Impact is described as total compromise with high confidentiality, integrity, ...
Gentoo 代码问题漏洞
Gentoo is an open source Linux system from the Gentoo Foundation. A code issue vulnerability exists in Gentoo lesspipe versions prior to 2.06. An attacker can exploit this vulnerability to execute code via a Perl Storable pst file...
CVE-2022-44542
lesspipe before 2.06 allows attackers to execute code via Perl Storable pst files, because of deserialized object destructor execution via a key/value pair in a hash...
PT-2022-27228 · Lesspipe +1 · Lesspipe +1
Name of the Vulnerable Software and Affected Versions: lesspipe versions prior to 2.06 Description: The issue allows attackers to execute code via Perl Storable pst files. This is due to deserialized object destructor execution via a key/value pair in a hash. Recommendations: For versions prior t...
CVE-2022-44542
lesspipe before 2.06 allows attackers to execute code via Perl Storable pst files, because of deserialized object destructor execution via a key/value pair in a hash...
new packages: perl-Storable
An update is available for perl-Storable. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky...