VYPR

ack

by Debian

CVEs (3)

  • CVE-2026-49147Jul 9, 2026
    risk 0.00cvss epss

    App::Ack versions through 3.10.0 for Perl print unsanitised terminal escape sequences from filenames in several output modes. When ack prints a filename whose basename contains terminal control bytes such as ANSI escape sequences, those bytes reach the terminal unchanged.…

  • CVE-2026-49146Jul 9, 2026
    risk 0.00cvss epss

    App::Ack versions before 3.10.0 for Perl allow memory exhaustion via an unbounded context value in a project .ackrc. ack searches up the directory hierarchy from the current directory for a project .ackrc and loads its options. The -B and -C context options accepted any…

  • CVE-2026-49145Jul 9, 2026
    risk 0.00cvss epss

    App::Ack versions through 3.10.0 for Perl read arbitrary files via --files-from in a project .ackrc. ack searches up the directory hierarchy from the current directory for a project .ackrc and loads its options. The project-source option blocklist in App::Ack::ConfigLoader does…