Search CVE reports
81 – 90 of 238 results
Parallel::ForkManager module before 1.0.0 for Perl does not properly handle temporary files.
1 affected package
libparallel-forkmanager-perl
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libparallel-forkmanager-perl | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
Eval injection vulnerability in the Module-Metadata module before 1.000015 for Perl allows remote attackers to execute arbitrary Perl code via the $Version value.
2 affected packages
libmodule-metadata-perl, perl
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libmodule-metadata-perl | — | — | — | — |
| perl | — | — | — | — |
Not in release
Perl module Data::UUID from CPAN version 1.219 vulnerable to symlink attacks
1 affected package
libdata-uuid-perl
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libdata-uuid-perl | — | — | — | — |
SQL injection vulnerability in Jifty::DBI before 0.68.
1 affected package
libjifty-dbi-perl
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libjifty-dbi-perl | — | — | — | — |
libpoe-component-irc-perl before v6.32 does not remove carriage returns and line feeds. This can be used to execute arbitrary IRC commands by passing an argument such as "some text\rQUIT" to the 'privmsg' handler, which...
1 affected package
libpoe-component-irc-perl
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libpoe-component-irc-perl | — | — | — | — |
Foswiki before 1.1.8 contains a code injection vulnerability in the MAKETEXT macro.
1 affected package
perl
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| perl | — | — | — | — |
Some fixes available 4 of 25
Mat_VarReadNextInfo4 in mat4.c in MATIO 1.5.17 omits a certain '\0' character, leading to a heap-based buffer over-read in strdup_vprintf when uninitialized memory is accessed.
3 affected packages
libpdl-io-matlab-perl, libmatio, mldemos
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libpdl-io-matlab-perl | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| libmatio | Not affected | Not affected | Fixed | Fixed |
| mldemos | Not in release | Not in release | Needs evaluation | Not in release |
perl-CRYPT-JWT 0.022 and earlier is affected by: Incorrect Access Control. The impact is: bypass authentication. The component is: JWT.pm for JWT security token, line 614 in _decode_jws(). The attack vector is:...
1 affected package
libcrypt-jwt-perl
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libcrypt-jwt-perl | — | — | — | Not in release |
Perl Crypt::JWT prior to 0.023 is affected by: Incorrect Access Control. The impact is: allow attackers to bypass authentication by providing a token by crafting with hmac(). The component is: JWT.pm, line 614. The attack vector...
1 affected package
libcrypt-jwt-perl
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libcrypt-jwt-perl | Needs evaluation | Needs evaluation | Needs evaluation | Not in release |
Some fixes available 5 of 6
The email-ingestion feature in Best Practical Request Tracker 4.1.13 through 4.4 allows denial of service by remote attackers via an algorithmic complexity attack on email address parsing.
1 affected package
libemail-address-list-perl
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libemail-address-list-perl | — | — | Fixed | Fixed |