5.15.6

DATE	CVE	VULNERABILITY TITLE	RISK
2024-01-02	CVE-2023-47039	Out-of-bounds Write vulnerability in Perl A vulnerability was found in Perl. local low complexity perl CWE-787	7.8
2023-04-29	CVE-2023-31484	Improper Certificate Validation vulnerability in multiple products CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS. network high complexity cpanpm-project perl CWE-295	8.1
2023-04-29	CVE-2023-31486	Improper Certificate Validation vulnerability in multiple products HTTP::Tiny before 0.083, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates. network high complexity http perl CWE-295	8.1
2020-06-05	CVE-2020-12723	Classic Buffer Overflow vulnerability in multiple products regcomp.c in Perl before 5.30.3 allows a buffer overflow via a crafted regular expression because of recursive S_study_chunk calls. network low complexity perl netapp fedoraproject opensuse oracle CWE-120	7.5
2020-06-05	CVE-2020-10878	Integer Overflow or Wraparound vulnerability in multiple products Perl before 5.30.3 has an integer overflow related to mishandling of a "PL_regkind[OP(n)] == NOTHING" situation. network low complexity perl fedoraproject opensuse netapp oracle CWE-190	8.6
2018-12-07	CVE-2018-18314	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Perl before 5.26.3 has a buffer overflow via a crafted regular expression that triggers invalid write operations. network low complexity perl canonical debian netapp redhat CWE-119 critical	9.8
2018-12-07	CVE-2018-18313	Out-of-bounds Read vulnerability in multiple products Perl before 5.26.3 has a buffer over-read via a crafted regular expression that triggers disclosure of sensitive information from process memory. network low complexity perl canonical debian redhat netapp apple CWE-125 critical	9.1
2018-12-07	CVE-2018-18311	Integer Overflow or Wraparound vulnerability in multiple products Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations. network low complexity perl canonical debian netapp redhat apple fedoraproject mcafee CWE-190 critical	9.8
2018-12-05	CVE-2018-18312	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Perl before 5.26.3 and 5.28.0 before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations. network low complexity perl canonical debian redhat netapp CWE-119 critical	9.8
2016-08-02	CVE-2016-1238	Permissions, Privileges, and Access Controls vulnerability in multiple products (1) cpan/Archive-Tar/bin/ptar, (2) cpan/Archive-Tar/bin/ptardiff, (3) cpan/Archive-Tar/bin/ptargrep, (4) cpan/CPAN/scripts/cpan, (5) cpan/Digest-SHA/shasum, (6) cpan/Encode/bin/enc2xs, (7) cpan/Encode/bin/encguess, (8) cpan/Encode/bin/piconv, (9) cpan/Encode/bin/ucmlint, (10) cpan/Encode/bin/unidump, (11) cpan/ExtUtils-MakeMaker/bin/instmodsh, (12) cpan/IO-Compress/bin/zipdetails, (13) cpan/JSON-PP/bin/json_pp, (14) cpan/Test-Harness/bin/prove, (15) dist/ExtUtils-ParseXS/lib/ExtUtils/xsubpp, (16) dist/Module-CoreList/corelist, (17) ext/Pod-Html/bin/pod2html, (18) utils/c2ph.PL, (19) utils/h2ph.PL, (20) utils/h2xs.PL, (21) utils/libnetcfg.PL, (22) utils/perlbug.PL, (23) utils/perldoc.PL, (24) utils/perlivp.PL, and (25) utils/splain.PL in Perl 5.x before 5.22.3-RC2 and 5.24 before 5.24.1-RC2 do not properly remove . local low complexity debian fedoraproject perl opensuse apache CWE-264	7.8