VYPR

apk package

wolfi/perl

pkg:apk/wolfi/perl

Vulnerabilities (3)

  • CVE-2026-8376CriMay 26, 2026
    affected < 5.42.2-r3fixed 5.42.2-r3

    Perl versions through 5.43.10 have a heap buffer overflow when compiling regular expressions with a repeated fixed string on 32-bit builds. Perl_study_chunk in regcomp_study.c checked the size of the joined substring buffer in characters rather than bytes. For a quantified fixed

  • CVE-2026-4176CriMar 29, 2026
    affected < 5.42.2-r0fixed 5.42.2-r0

    Perl versions from 5.9.4 before 5.40.4-RC1, from 5.41.0 before 5.42.2-RC1, from 5.43.0 before 5.43.9 contain a vulnerable version of Compress::Raw::Zlib. Compress::Raw::Zlib is included in the Perl package as a dual-life core module, and is vulnerable to CVE-2026-3381 due to a v

  • CVE-2025-40909MedMay 30, 2025
    affected < 5.40.2-r1fixed 5.40.2-r1

    Perl threads have a working directory race condition where file operations may target unintended paths. If a directory handle is open at thread creation, the process-wide current working directory is temporarily changed in order to clone that handle for the new thread, which is