rpm package
suse/perl&distro=SUSE Linux Enterprise Desktop 12 SP2
pkg:rpm/suse/perl&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP2
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2017-12883 | Cri | 9.1 | < 5.18.2-12.3.1 | 5.18.2-12.3.1 | Sep 19, 2017 | Buffer overflow in the S_grok_bslash_N function in regcomp.c in Perl 5 before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to disclose sensitive information or cause a denial of service (application crash) via a crafted regular expression with an invalid '\N{U+ | |
| CVE-2017-12837 | Hig | 7.5 | < 5.18.2-12.3.1 | 5.18.2-12.3.1 | Sep 19, 2017 | Heap-based buffer overflow in the S_regatom function in regcomp.c in Perl 5 before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to cause a denial of service (out-of-bounds write) via a regular expression with a '\N{}' escape and the case-insensitive modifier. | |
| CVE-2017-6512 | Med | 5.9 | < 5.18.2-12.3.1 | 5.18.2-12.3.1 | Jun 1, 2017 | Race condition in the rmtree and remove_tree functions in the File-Path module before 2.13 for Perl allows attackers to set the mode on arbitrary files via vectors involving directory-permission loosening logic. |
- affected < 5.18.2-12.3.1fixed 5.18.2-12.3.1
Buffer overflow in the S_grok_bslash_N function in regcomp.c in Perl 5 before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to disclose sensitive information or cause a denial of service (application crash) via a crafted regular expression with an invalid '\N{U+
- affected < 5.18.2-12.3.1fixed 5.18.2-12.3.1
Heap-based buffer overflow in the S_regatom function in regcomp.c in Perl 5 before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to cause a denial of service (out-of-bounds write) via a regular expression with a '\N{}' escape and the case-insensitive modifier.
- affected < 5.18.2-12.3.1fixed 5.18.2-12.3.1
Race condition in the rmtree and remove_tree functions in the File-Path module before 2.13 for Perl allows attackers to set the mode on arbitrary files via vectors involving directory-permission loosening logic.