VYPR

Perl

by Perl Foundation

Source repositories

CVEs (52)

  • CVE-2012-5195Dec 18, 2012
    risk 0.00cvss epss 0.05

    Heap-based buffer overflow in the Perl_repeatcpy function in util.c in Perl 5.12.x before 5.12.5, 5.14.x before 5.14.3, and 5.15.x before 15.15.5 allows context-dependent attackers to cause a denial of service (memory consumption and crash) or possibly execute arbitrary code via…

  • CVE-2012-1151Sep 9, 2012
    risk 0.00cvss epss 0.03

    Multiple format string vulnerabilities in dbdimp.c in DBD::Pg (aka DBD-Pg or libdbd-pg-perl) module before 2.19.0 for Perl allow remote PostgreSQL database servers to cause a denial of service (process crash) via format string specifiers in (1) a crafted database warning to the…

  • CVE-2011-2939Jan 13, 2012
    risk 0.00cvss epss 0.03

    Off-by-one error in the decode_xs function in Unicode/Unicode.xs in the Encode module before 2.44, as used in Perl before 5.15.6, might allow context-dependent attackers to cause a denial of service (memory corruption) via a crafted Unicode string, which triggers a heap-based…

  • CVE-2010-1158Apr 20, 2010
    risk 0.00cvss epss 0.02

    Integer overflow in the regular expression engine in Perl 5.8.x allows context-dependent attackers to cause a denial of service (stack consumption and application crash) by matching a crafted regular expression against a long string.

  • CVE-2009-3626Oct 29, 2009
    risk 0.00cvss epss 0.02

    Perl 5.10.1 allows context-dependent attackers to cause a denial of service (application crash) via a UTF-8 character with a large, invalid codepoint, which is not properly handled during a regular-expression match.

  • CVE-2008-1927Apr 24, 2008
    risk 0.00cvss epss 0.03

    Double free vulnerability in Perl 5.8.8 allows context-dependent attackers to cause a denial of service (memory corruption and crash) via a crafted regular expression containing UTF8 characters. NOTE: this issue might only be present on certain operating systems.

  • CVE-2007-5116Nov 7, 2007
    risk 0.00cvss epss 0.05

    Buffer overflow in the polymorphic opcode support in the Regular Expression Engine (regcomp.c) in Perl 5.8 allows context-dependent attackers to execute arbitrary code by switching from byte to Unicode (UTF) characters in a regular expression.

  • CVE-2005-4278Dec 16, 2005
    risk 0.00cvss epss 0.00

    Untrusted search path vulnerability in Perl before 5.8.7-r1 on Gentoo Linux allows local users in the portage group to gain privileges via a malicious shared object in the Portage temporary build directory, which is part of the RUNPATH.

  • CVE-2005-3962Dec 1, 2005
    risk 0.00cvss epss 0.01

    Integer overflow in the format string functionality (Perl_sv_vcatpvfn) in Perl 5.9.2 and 5.8.6 Perl allows attackers to overwrite arbitrary memory and possibly execute arbitrary code via format string specifiers with large values, which causes an integer wrap and leads to a…

  • CVE-2005-0448May 2, 2005
    risk 0.00cvss epss 0.00

    Race condition in the rmtree function in File::Path.pm in Perl before 5.8.4 allows local users to create arbitrary setuid binaries in the tree being deleted, a different vulnerability than CVE-2004-0452.

  • CVE-2004-0452Dec 21, 2004
    risk 0.00cvss epss 0.00

    Race condition in the rmtree function in the File::Path module in Perl 5.6.1 and 5.8.4 sets read/write permissions for the world, which allows local users to delete arbitrary files and directories, and possibly read files and directories, via a symlink attack.

  • CVE-2003-0900Dec 31, 2003
    risk 0.00cvss epss 0.01

    Perl 5.8.1 on Fedora Core does not properly initialize the random number generator when forking, which makes it easier for attackers to predict random numbers.

Page 3 of 3