CVE search results

51 – 60 of 205 results

Detailed view

Sort by:

CVE-2011-4115

Low priority

Vulnerable

Parallel::ForkManager module before 1.0.0 for Perl does not properly handle temporary files.

1 affected packages

libparallel-forkmanager-perl

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
libparallel-forkmanager-perl	Vulnerable	Vulnerable	Vulnerable	Vulnerable	Vulnerable

CVE-2013-1437

Low priority

Ignored

Eval injection vulnerability in the Module-Metadata module before 1.000015 for Perl allows remote attackers to execute arbitrary Perl code via the $Version value.

2 affected packages

libmodule-metadata-perl, perl

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
libmodule-metadata-perl	—	—	—	—	—
perl	—	—	—	—	—

CVE-2013-4184

Low priority

Not in release

Perl module Data::UUID from CPAN version 1.219 vulnerable to symlink attacks

1 affected packages

libdata-uuid-perl

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
libdata-uuid-perl	—	—	—	—	—

CVE-2011-1933

Medium priority

Ignored

SQL injection vulnerability in Jifty::DBI before 0.68.

1 affected packages

libjifty-dbi-perl

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
libjifty-dbi-perl	—	—	—	—	—

libpoe-component-irc-perl before v6.32 does not remove carriage returns and line feeds. This can be used to execute arbitrary IRC commands by passing an argument such as "some text\rQUIT" to the 'privmsg' handler, which...

1 affected packages

libpoe-component-irc-perl

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
libpoe-component-irc-perl	—	—	—	—	—

CVE-2013-1666

Medium priority

Not affected

Foswiki before 1.1.8 contains a code injection vulnerability in the MAKETEXT macro.

1 affected packages

perl

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
perl	—	—	—	—	—

CVE-2019-17533

Medium priority

Some fixes available 4 of 24

Mat_VarReadNextInfo4 in mat4.c in MATIO 1.5.17 omits a certain '\0' character, leading to a heap-based buffer over-read in strdup_vprintf when uninitialized memory is accessed.

3 affected packages

libmatio, libpdl-io-matlab-perl, mldemos

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
libmatio	Not affected	Not affected	Fixed	Fixed	Fixed
libpdl-io-matlab-perl	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
mldemos	Not in release	Not in release	Needs evaluation	Not in release	Needs evaluation

CVE-2019-1010161

Unknown priority

Not affected

perl-CRYPT-JWT 0.022 and earlier is affected by: Incorrect Access Control. The impact is: bypass authentication. The component is: JWT.pm for JWT security token, line 614 in _decode_jws(). The attack vector is:...

1 affected packages

libcrypt-jwt-perl

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
libcrypt-jwt-perl	—	—	—	Not in release	Not in release

CVE-2019-1010263

Medium priority

Needs evaluation

Perl Crypt::JWT prior to 0.023 is affected by: Incorrect Access Control. The impact is: allow attackers to bypass authentication by providing a token by crafting with hmac(). The component is: JWT.pm, line 614. The attack vector...

1 affected packages

libcrypt-jwt-perl

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
libcrypt-jwt-perl	Needs evaluation	Needs evaluation	Needs evaluation	Not in release	Not in release

CVE-2018-18898

Medium priority

Some fixes available 5 of 6

The email-ingestion feature in Best Practical Request Tracker 4.1.13 through 4.4 allows denial of service by remote attackers via an algorithmic complexity attack on email address parsing.

1 affected packages

libemail-address-list-perl

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
libemail-address-list-perl	—	—	Fixed	Fixed	Fixed

Export to JSON

Results by page:

Search CVE reports

CVE-2011-4115

CVE-2013-1437

CVE-2013-4184

CVE-2011-1933

CVE-2010-3438

CVE-2013-1666

CVE-2019-17533

CVE-2019-1010161

CVE-2019-1010263

CVE-2018-18898