511 matches found
MGASA-2026-0244 Updated perl-List-SomeUtils-XS packages fix security vulnerability
List::SomeUtils::XS versions before 0.59 for Perl have a heap buffer overflow in the pairwise function. CVE-2026-12844...
[SECURITY] Fedora 43 Update: perl-CSS-Minifier-XS-0.15-1.fc43
'CSS::Minifier::XS' is a CSS "minifier". It's designed to remove unnecessary white-space and comments from CSS files, while also not breaking the CSS. 'CSS::Minifier::XS' is similar in function to 'CSS::Minifier', but is substantially faster as it's written in XS and not just pure Perl...
[SECURITY] Fedora 44 Update: perl-CSS-Minifier-XS-0.15-1.fc44
'CSS::Minifier::XS' is a CSS "minifier". It's designed to remove unnecessary white-space and comments from CSS files, while also not breaking the CSS. 'CSS::Minifier::XS' is similar in function to 'CSS::Minifier', but is substantially faster as it's written in XS and not just pure Perl...
OPENSUSE-SU-2026:21218-1 Security update for perl-List-SomeUtils-XS
This update for perl-List-SomeUtils-XS fixes the following issue - CVE-2026-12844: heap buffer overflow in the pairwise function bsc1269210...
SUSE-SU-2026:2782-1 Security update for perl-Cpanel-JSON-XS
This update for perl-Cpanel-JSON-XS fixes the following issues - CVE-2026-9334: type confusion via duplicate object keys when dupkeysasarrayref is enabled bsc1267546. - CVE-2026-9516: denial of service via UTF-8 BOM prefixed input when a decode filter callback throws bsc1267547...
UBUNTU-CVE-2026-14803
Mojo::JSON versions before 9.47 for Perl allow memory exhaustion via unbounded recursion in the pure-Perl decoder. The pure-Perl decode path decodevalue dispatching to decodearray and decodeobject recurses with no depth limit, so a small deeply nested JSON document can consume excessive memory...
EUVD-2026-41798
Mojo::JSON versions before 9.47 for Perl allow memory exhaustion via unbounded recursion in the pure-Perl decoder. The pure-Perl decode path decodevalue dispatching to decodearray and decodeobject recurses with no depth limit, so a small deeply nested JSON document can consume excessive memory...
OPENSUSE-SU-2026:11179-1 perl-List-SomeUtils-XS-0.590.0-1.1 on GA media
These are all security issues fixed in the perl-List-SomeUtils-XS-0.590.0-1.1 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2026:11157-1 perl-CSS-Minifier-XS-0.140.0-1.1 on GA media
These are all security issues fixed in the perl-CSS-Minifier-XS-0.140.0-1.1 package on the GA media of openSUSE Tumbleweed...
Linux Distros Unpatched Vulnerability : CVE-2026-56018
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - JavaScript::Minifier::XS versions before 0.16 for Perl leak memory on every call to minify, allowing unbounded memory growth. In JsMinify XS.xs the cleanup free...
OPENSUSE-SU-2026:11158-1 perl-JavaScript-Minifier-XS-0.160.0-1.1 on GA media
These are all security issues fixed in the perl-JavaScript-Minifier-XS-0.160.0-1.1 package on the GA media of openSUSE Tumbleweed...
CVE-2026-56017
JavaScript::Minifier::XS versions before 0.16 for Perl crash with a NULL pointer dereference when the first meaningful token of the input is a slash. The regexp versus division disambiguator in JsTokenizeString XS.xs inspects the previous token's last byte to choose between a regexp literal and a...
CVE-2026-56017
JavaScript::Minifier::XS versions before 0.16 for Perl crash with a NULL pointer dereference when the first meaningful token of the input is a slash. The regexp versus division disambiguator in JsTokenizeString XS.xs inspects the previous token's last byte to choose between a regexp literal and a...
CVE-2026-56017
JavaScript::Minifier::XS (Perl) is affected in versions before 0.16. The vulnerability arises when the first meaningful token is a slash; the JsTokenizeString logic examines the previous token and, with no valid preceding token, dereferences a NULL pointer, causing a crash. The public minify() AP...
CVE-2026-13593
CSS::Minifier::XS versions before 0.14 for Perl have a memory leak when the entire document is minified away. The minify function has a memory leak when processing a document containing only characters to be removed, such as comments and whitespace...
PT-2026-53733
Name of the Vulnerable Software and Affected Versions JavaScript::Minifier::XS versions prior to 0.16 Description An issue exists where memory is leaked during every call to the minify function. In the XS.xs component, the cleanup process only frees NodeSet structures and fails to free per-token...
CVE-2026-12844 List::SomeUtils::XS versions before 0.59 for Perl have a heap buffer overflow in the pairwise function
List::SomeUtils::XS versions before 0.59 for Perl have a heap buffer overflow in the pairwise function. pairwise collects the values returned by the block into a heap buffer sized to the longer input array, then grows the buffer before each copy with a single quadrupling alloc = 2 instead of a...
EUVD-2026-39444
List::SomeUtils::XS versions before 0.59 for Perl have a heap buffer overflow in the pairwise function. pairwise collects the values returned by the block into a heap buffer sized to the longer input array, then grows the buffer before each copy with a single quadrupling alloc = 2 instead of a...
CVE-2026-12844
List::SomeUtils::XS versions before 0.59 for Perl have a heap buffer overflow in the pairwise function. pairwise collects the values returned by the block into a heap buffer sized to the longer input array, then grows the buffer before each copy with a single quadrupling alloc = 2 instead of a...
OPENSUSE-SU-2026:21140-1 Security update for perl-Cpanel-JSON-XS
This update for perl-Cpanel-JSON-XS fixes the following issues: Changes in perl-Cpanel-JSON-XS: - updated to 4.420.0 4.42 see /usr/share/doc/packages/perl-Cpanel-JSON-XS/Changes 4.42 2026-06-27 rurban - Ensure encode with a type spec hashref does not change the hashref argument GH 240 - Fix -e...