NewStart CGSL MAIN 6.06 (SP) : tcl Vulnerability (NS-SA-2026-0011)

The remote NewStart CGSL host, running version MAIN 6.06 SP, has tcl packages installed that are affected by a vulnerability: - The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows...

AZL-79484 CVE-2026-3381 affecting package tcl 8.6.13-3

Compress::Raw::Zlib versions through 2.219 for Perl use potentially insecure versions of zlib. Compress::Raw::Zlib includes a copy of the zlib library. Compress::Raw::Zlib version 2.220 includes zlib 1.3.2, which addresses findings fron the 7ASecurity audit of zlib. The includes fixs for...

EUVD-2007-4750

Malware in sbrugna...

AZL-65571 CVE-2025-40913 affecting package tcl for versions less than 8.6.13-2

Net::Dropbear versions through 0.16 for Perl contains a dependency that may be susceptible to an integer overflow. Net::Dropbear embeds a version of the libtommath library that is susceptible to an integer overflow associated with CVE-2023-36328...

AZL-31497 CVE-2023-45853 affecting package tcl for versions less than 8.6.13-3

MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip464 via a long filename, comment, or extra field. NOTE: MiniZip is not a supported part of the zlib product. NOTE: pyminizip through 0.2.6 is also vulnerable because it bundles an...

AZL-35295 CVE-2023-45853 affecting package tcl for versions less than 8.6.13-3

MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip464 via a long filename, comment, or extra field. NOTE: MiniZip is not a supported part of the zlib product. NOTE: pyminizip through 0.2.6 is also vulnerable because it bundles an...

AZL-35296 CVE-2023-36328 affecting package tcl for versions less than 8.6.13-3

Integer Overflow vulnerability in mpgrow in libtom libtommath before commit beba892bc0d4e4ded4d667ab1d2a94f4d75109a9, allows attackers to execute arbitrary code and cause a denial of service DoS...

PT-2023-36105 · Tcl · Tcl

Name of the Vulnerable Software and Affected Versions: tcl affected versions not specified Description: The issue involves a race condition in test socket-13.1. Additionally, the SQLite extension has been removed, and the packaged sqlite3 is used instead. Recommendations: At the moment, there is ...

CVE-2020-3201

A vulnerability in the Tool Command Language Tcl interpreter of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, local attacker with privileged EXEC credentials to cause a denial of service DoS condition on an affected system. The vulnerability is due to insufficient inp...

Regular Expression Denial Of Service (ReDoS)

tcl is vulnerable to regular expression denial of service ReDoS attacks. The vulnerability exists as the regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows context-dependent attackers to cause...