rpm package
almalinux/perl-CPAN-DistnameInfo
pkg:rpm/almalinux/perl-CPAN-DistnameInfo
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-40909 | Med | 5.9 | < 0.12-13.module_el8.6.0+2766+8bf0b7ce | 0.12-13.module_el8.6.0+2766+8bf0b7ce | May 30, 2025 | Perl threads have a working directory race condition where file operations may target unintended paths. If a directory handle is open at thread creation, the process-wide current working directory is temporarily changed in order to clone that handle for the new thread, which is | |
| CVE-2024-45321 | — | < 0.12-13.module_el8.6.0+2810+886f1911 | 0.12-13.module_el8.6.0+2810+886f1911 | Aug 27, 2024 | The App::cpanminus package through 1.7047 for Perl downloads code via insecure HTTP, enabling code execution for network attackers. | ||
| CVE-2023-47038 | — | < 0.12-13.module_el8.6.0+2766+8bf0b7ce | 0.12-13.module_el8.6.0+2766+8bf0b7ce | Dec 18, 2023 | A vulnerability was found in perl 5.30.0 through 5.38.0. This issue occurs when a crafted regular expression is compiled by perl, which can allow an attacker controlled byte buffer overflow in a heap allocated buffer. |
- affected < 0.12-13.module_el8.6.0+2766+8bf0b7cefixed 0.12-13.module_el8.6.0+2766+8bf0b7ce
Perl threads have a working directory race condition where file operations may target unintended paths. If a directory handle is open at thread creation, the process-wide current working directory is temporarily changed in order to clone that handle for the new thread, which is
- CVE-2024-45321Aug 27, 2024affected < 0.12-13.module_el8.6.0+2810+886f1911fixed 0.12-13.module_el8.6.0+2810+886f1911
The App::cpanminus package through 1.7047 for Perl downloads code via insecure HTTP, enabling code execution for network attackers.
- CVE-2023-47038Dec 18, 2023affected < 0.12-13.module_el8.6.0+2766+8bf0b7cefixed 0.12-13.module_el8.6.0+2766+8bf0b7ce
A vulnerability was found in perl 5.30.0 through 5.38.0. This issue occurs when a crafted regular expression is compiled by perl, which can allow an attacker controlled byte buffer overflow in a heap allocated buffer.