Vulnerabilities > Perl
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-12-05 | CVE-2018-18312 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Perl before 5.26.3 and 5.28.0 before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations. | 9.8 |
| 2018-06-07 | CVE-2018-12015 | Link Following vulnerability in multiple products In Perl through 5.26.2, the Archive::Tar module allows remote attackers to bypass a directory-traversal protection mechanism, and overwrite arbitrary files, via an archive file containing a symlink and a regular file with the same name. | 7.5 |
| 2018-04-17 | CVE-2018-6913 | Out-of-bounds Write vulnerability in multiple products Heap-based buffer overflow in the pack function in Perl before 5.26.2 allows context-dependent attackers to execute arbitrary code via a large item count. | 9.8 |
| 2018-04-17 | CVE-2018-6798 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in Perl 5.22 through 5.26. | 7.5 |
| 2018-04-17 | CVE-2018-6797 | Out-of-bounds Write vulnerability in multiple products An issue was discovered in Perl 5.18 through 5.26. | 9.8 |
| 2017-09-28 | CVE-2017-12814 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Perl Stack-based buffer overflow in the CPerlHost::Add method in win32/perlhost.h in Perl before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 on Windows allows attackers to execute arbitrary code via a long environment variable. | 9.8 |
| 2017-09-19 | CVE-2017-12883 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Perl Buffer overflow in the S_grok_bslash_N function in regcomp.c in Perl 5 before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to disclose sensitive information or cause a denial of service (application crash) via a crafted regular expression with an invalid '\N{U+...}' escape. | 9.1 |
| 2017-09-19 | CVE-2017-12837 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Perl Heap-based buffer overflow in the S_regatom function in regcomp.c in Perl 5 before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to cause a denial of service (out-of-bounds write) via a regular expression with a '\N{}' escape and the case-insensitive modifier. | 7.5 |
| 2017-02-07 | CVE-2015-8608 | Out-of-bounds Read vulnerability in Perl 5.22 The VDir::MapPathA and VDir::MapPathW functions in Perl 5.22 allow remote attackers to cause a denial of service (out-of-bounds read) and possibly execute arbitrary code via a crafted (1) drive letter or (2) pInName argument. | 9.8 |
| 2016-08-02 | CVE-2016-6185 | The XSLoader::load method in XSLoader in Perl does not properly locate .so files when called in a string eval, which might allow local users to execute arbitrary code via a Trojan horse library under the current working directory. | 7.8 |