Fedora: Security Advisory for jakarta-oro (FEDORA-2024-129d8ca6fc)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 40 Update: jakarta-oro-2.0.8-44.fc40

The Jakarta-ORO Java classes are a set of text-processing Java classes that provide Perl5 compatible regular expressions, AWK-like regular expressions, glob expressions, and utility classes for performing substitutions, splits, filtering filenames, etc. This library is the successor to the...

Debian: Security Advisory (DLA-2386-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian DLA-2386-1 : libdbi-perl security update

Several vulnerabilities were discovered in the Perl5 Database Interface DBI. An attacker could trigger a denial of service DoS and possibly execute arbitrary code. CVE-2019-20919 The hvfetch documentation requires checking for NULL and the code does that. But, shortly thereafter, it calls...

[SECURITY] [DLA 2386-1] libdbi-perl security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2386-1 [email protected] https://www.debian.org/lts/security/ September 28, 2020 https://wiki.debian.org/LTS - -------------------------------------------------------------------------...

[SECURITY] Fedora 26 Update: perl-DBD-MySQL-4.043-1.fc26

DBD::mysql is the Perl5 Database Interface driver for the MySQL database. In other words: DBD::mysql is an interface between the Perl programming langua ge and the MySQL programming API that comes with the MySQL relational database management system...

DBD::mysql: Multiple vulnerabilities

Background MySQL driver for the Perl5 Database Interface DBI Description Multiple vulnerabilities have been discovered in DBD::mysql. Please review the CVE identifiers referenced below for details. Impact An attacker could cause a Denial of Service condition, execute arbitrary code, or have other...

[SECURITY] Fedora 24 Update: perl-DBD-MySQL-4.039-2.fc24

DBD::mysql is the Perl5 Database Interface driver for the MySQL database. In other words: DBD::mysql is an interface between the Perl programming langua ge and the MySQL programming API that comes with the MySQL relational database management system...

perl5 -- taint mechanism bypass vulnerability

MITRE reports: Perl might allow context-dependent attackers to bypass the taint protection mechanism in a child process via duplicate environment variables in envp...

Perl CGI.pm Header Values Newline Handling Unspecified Security Vulnerability

Perl CGI.pm is prone to an unspecified security vulnerability related to handling of newlines embedded in header values. Copyright C 2010 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

CGI::Session CGISESSID Cookie值目录遍历漏洞

BUGTRAQ ID: 30267 CGI::Session是一个Perl5库，可提供可靠易用的模块化会话管理系统。 CGI::Session没有充分的过滤CGISESSID cookie值便将其用在了File驱动中创建会话数据文件的文件名。如果远程攻击者在cookie值中注入了目录遍历序列，就会导致File驱动从配置的会话数据目录以外的任意文件读取会话数据。 仅在满足了所有以下条件的情况下才可以利用这个漏洞： 1 Web应用使用了CGI::Session中的File驱动管理会话。 2 Web应用部署于基于Windows的系统。 3...

p5-DBI -- insecure temporary file creation vulnerability

Javier Fernández-Sanguino Peña reports: The DBI library, the Perl5 database interface, creates a temporary PID file in an insecure manner. This can be exploited by a malicious user to overwrite arbitrary files owned by the person executing the parts of the library...