Search CVE reports
81 – 90 of 204 results
CVE-2017-10788
Low prioritySome fixes available 1 of 5
The DBD::mysql module through 4.043 for Perl allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact by triggering (1) certain error responses from a...
1 affected packages
libdbd-mysql-perl
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
libdbd-mysql-perl | Not affected | Not affected | Not affected | Not affected | Fixed |
CVE-2017-10672
Medium prioritySome fixes available 4 of 5
Use-after-free in the XML-LibXML module through 2.0129 for Perl allows remote attackers to execute arbitrary code by controlling the arguments to a replaceChild call.
1 affected packages
libxml-libxml-perl
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
libxml-libxml-perl | — | — | — | — | Fixed |
CVE-2015-8326
Low prioritySome fixes available 1 of 4
The IPTables-Parse module before 1.6 for Perl allows local users to write to arbitrary files owned by the current user.
1 affected packages
libiptables-parse-perl
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
libiptables-parse-perl | — | — | — | Not affected | Not affected |
CVE-2017-6512
Low prioritySome fixes available 2 of 4
Race condition in the rmtree and remove_tree functions in the File-Path module before 2.13 for Perl allows attackers to set the mode on arbitrary files via vectors involving directory-permission loosening logic.
1 affected packages
perl
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
perl | — | — | — | — | Fixed |
CVE-2017-0374
Medium prioritylib/Config/Model.pm in Config-Model (aka libconfig-model-perl) before 2.102 allows local users to gain privileges via a crafted model in the current working directory, related to use of . with the INC array.
1 affected packages
libconfig-model-perl
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
libconfig-model-perl | Not affected | Not affected | Not affected | Not affected | Vulnerable |
CVE-2017-0373
Medium priorityThe gen_class_pod implementation in lib/Config/Model/Utils/GenClassPod.pm in Config-Model (aka libconfig-model-perl) before 2.102 has a dangerous "use lib" line, which allows remote attackers to have an unspecified impact via a...
1 affected packages
libconfig-model-perl
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
libconfig-model-perl | Not affected | Not affected | Not affected | Not affected | Vulnerable |
CVE-2016-10374
Low priorityperltidy through 20160302, as used by perlcritic, check-all-the-things, and other software, relies on the current working directory for certain output files and does not have a symlink-attack protection mechanism, which...
1 affected packages
perltidy
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
perltidy | Not affected | Not affected | Not affected | Not affected | Vulnerable |
CVE-2016-1249
Low prioritySome fixes available 1 of 4
The DBD::mysql module before 4.039 for Perl, when using server-side prepared statement support, allows attackers to cause a denial of service (out-of-bounds read) via vectors involving an unaligned number of placeholders in WHERE...
1 affected packages
libdbd-mysql-perl
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
libdbd-mysql-perl | Not affected | Not affected | Not affected | Not affected | Fixed |
CVE-2015-8608
Negligible priorityThe VDir::MapPathA and VDir::MapPathW functions in Perl 5.22 allow remote attackers to cause a denial of service (out-of-bounds read) and possibly execute arbitrary code via a crafted (1) drive letter or (2) pInName argument.
1 affected packages
perl
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
perl | — | — | — | — | — |
CVE-2016-9181
Medium priorityperl-Image-Info: When parsing an SVG file, external entity expansion (XXE) was not disabled. An attacker could craft an SVG file which, when processed by an application using perl-Image-Info, could cause denial of service...
1 affected packages
libimage-info-perl
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
libimage-info-perl | Not affected | Not affected | Not affected | Not affected | Vulnerable |