Search CVE reports

Toggle filters

31 – 40 of 241 results

CVE-2024-55564

Medium priority
Needs evaluation

The POSIX::2008 package before 0.24 for Perl has a potential _execve50c env buffer overflow.

1 affected package

libposix-2008-perl

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libposix-2008-perl Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2024-53901

Medium priority
Needs evaluation

The Imager package before 1.025 for Perl has a heap-based buffer overflow leading to denial of service, or possibly unspecified other impact, when the trim() method is called on a crafted input image.

1 affected package

libimager-perl

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libimager-perl Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2024-10224

Medium priority
Fixed

Qualys discovered that if unsanitized input was used with the library Modules::ScanDeps, before version 1.36 a local attacker could possibly execute arbitrary shell commands by open()ing a "pesky pipe" (such as passing "commands|"...

1 affected package

libmodule-scandeps-perl

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libmodule-scandeps-perl Fixed Fixed Fixed Fixed
Show less packages

CVE-2024-35326

Medium priority
Ignored

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.

4 affected packages

libyaml, libyaml-libyaml-perl, golang-goyaml, golang-yaml.v2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libyaml Not affected Not affected Not affected Not affected
libyaml-libyaml-perl Not affected Not affected Not affected Not affected
golang-goyaml Not in release Not in release Not in release
golang-yaml.v2 Not affected Not affected Not affected Not affected
Show less packages

CVE-2024-35325

Medium priority
Ignored

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.

4 affected packages

libyaml, libyaml-libyaml-perl, golang-goyaml, golang-yaml.v2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libyaml Not affected Not affected Not affected Not affected
libyaml-libyaml-perl Not affected Not affected Not affected Not affected
golang-goyaml Not in release Not in release Not in release
golang-yaml.v2 Not affected Not affected Not affected Not affected
Show less packages

CVE-2024-35328

Medium priority
Ignored

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.

4 affected packages

libyaml, libyaml-libyaml-perl, golang-goyaml, golang-yaml.v2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libyaml Not affected Not affected Not affected Not affected
libyaml-libyaml-perl Not affected Not affected Not affected Not affected
golang-goyaml Not in release Not in release Not in release
golang-yaml.v2 Not affected Not affected Not affected Not affected
Show less packages

CVE-2024-35329

Medium priority
Ignored

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.

4 affected packages

libyaml, libyaml-libyaml-perl, golang-goyaml, golang-yaml.v2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libyaml Not affected Not affected Not affected Not affected
libyaml-libyaml-perl Not affected Not affected Not affected Not affected
golang-goyaml Not in release Not in release Not in release
golang-yaml.v2 Not affected Not affected Not affected Not affected
Show less packages

CVE-2024-4140

Medium priority
Needs evaluation

An excessive memory use issue (CWE-770) exists in Email-MIME, before version 1.954, which can cause denial of service when parsing multipart MIME messages. The patch set (from 2020 and 2024) limits excessive depth and the total...

1 affected package

libemail-mime-perl

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libemail-mime-perl Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2024-2467

Medium priority
Vulnerable

A timing-based side-channel flaw exists in the perl-Crypt-OpenSSL-RSA package, which could be sufficient to recover plaintext across a network in a Bleichenbacher-style attack. To achieve successful decryption, an attacker would...

1 affected package

libcrypt-openssl-rsa-perl

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libcrypt-openssl-rsa-perl Vulnerable Vulnerable Vulnerable Vulnerable
Show less packages

CVE-2021-47208

Medium priority
Needs evaluation

The Mojolicious module before 9.11 for Perl has a bug in format detection that can potentially be exploited for denial of service.

1 affected package

libmojolicious-perl

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libmojolicious-perl Not affected Not affected Needs evaluation Needs evaluation
Show less packages
  1. Previous page
  2. 2
  3. 3
  4. 4
  5. 5
  6. 6
  7. Next page
Export to JSON