Vulnerabilities > Perl > Perl > 2.1.3

DATE CVE VULNERABILITY TITLE RISK
2024-01-02 CVE-2023-47039 Out-of-bounds Write vulnerability in Perl
A vulnerability was found in Perl.
local
low complexity
perl CWE-787
7.8
7.8
2023-04-29 CVE-2023-31484 Improper Certificate Validation vulnerability in multiple products
CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS.
network
high complexity
cpanpm-project perl CWE-295
8.1
8.1
2023-04-29 CVE-2023-31486 Improper Certificate Validation vulnerability in multiple products
HTTP::Tiny before 0.083, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates.
network
high complexity
http perl CWE-295
8.1
8.1
2020-06-05 CVE-2020-12723 Classic Buffer Overflow vulnerability in multiple products
regcomp.c in Perl before 5.30.3 allows a buffer overflow via a crafted regular expression because of recursive S_study_chunk calls.
network
low complexity
perl netapp fedoraproject opensuse oracle CWE-120
7.5
7.5
2020-06-05 CVE-2020-10878 Integer Overflow or Wraparound vulnerability in multiple products
Perl before 5.30.3 has an integer overflow related to mishandling of a "PL_regkind[OP(n)] == NOTHING" situation.
network
low complexity
perl fedoraproject opensuse netapp oracle CWE-190
8.6
8.6
2018-12-07 CVE-2018-18314 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Perl before 5.26.3 has a buffer overflow via a crafted regular expression that triggers invalid write operations.
network
low complexity
perl canonical debian netapp redhat CWE-119
critical
 9.8
9.8
2018-12-07 CVE-2018-18313 Out-of-bounds Read vulnerability in multiple products
Perl before 5.26.3 has a buffer over-read via a crafted regular expression that triggers disclosure of sensitive information from process memory.
network
low complexity
perl canonical debian redhat netapp apple CWE-125
critical
 9.1
9.1
2018-12-07 CVE-2018-18311 Integer Overflow or Wraparound vulnerability in multiple products
Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.
network
low complexity
perl canonical debian netapp redhat apple fedoraproject mcafee CWE-190
critical
 9.8
9.8
2018-12-05 CVE-2018-18312 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Perl before 5.26.3 and 5.28.0 before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.
network
low complexity
perl canonical debian redhat netapp CWE-119
critical
 9.8
9.8
2018-06-07 CVE-2018-12015 Link Following vulnerability in multiple products
In Perl through 5.26.2, the Archive::Tar module allows remote attackers to bypass a directory-traversal protection mechanism, and overwrite arbitrary files, via an archive file containing a symlink and a regular file with the same name.
network
low complexity
canonical debian perl archive apple netapp CWE-59
6.4
6.4