| Max CVSS | 7.5 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2016-6185 | 4.6 |
The XSLoader::load method in XSLoader in Perl does not properly locate .so files when called in a string eval, which might allow local users to execute arbitrary code via a Trojan horse library under the current working directory.
|
17-09-2021 - 12:14 | 02-08-2016 - 14:59 | |
| CVE-2018-6913 | 7.5 |
Heap-based buffer overflow in the pack function in Perl before 5.26.2 allows context-dependent attackers to execute arbitrary code via a large item count.
|
24-08-2020 - 17:37 | 17-04-2018 - 20:29 | |
| CVE-2018-6797 | 7.5 |
An issue was discovered in Perl 5.18 through 5.26. A crafted regular expression can cause a heap-based buffer overflow, with control over the bytes written.
|
24-08-2020 - 17:37 | 17-04-2018 - 20:29 | |
| CVE-2018-6798 | 5.0 |
An issue was discovered in Perl 5.22 through 5.26. Matching a crafted locale dependent regular expression can cause a heap-based buffer over-read and potentially information disclosure.
|
15-07-2020 - 03:15 | 17-04-2018 - 20:29 | |
| CVE-2017-6512 | 4.3 |
Race condition in the rmtree and remove_tree functions in the File-Path module before 2.13 for Perl allows attackers to set the mode on arbitrary files via vectors involving directory-permission loosening logic.
|
29-04-2020 - 20:24 | 01-06-2017 - 16:29 | |
| CVE-2015-8853 | 5.0 |
The (1) S_reghop3, (2) S_reghop4, and (3) S_reghopmaybe3 functions in regexec.c in Perl before 5.24.0 allow context-dependent attackers to cause a denial of service (infinite loop) via crafted utf-8 data, as demonstrated by "a\x80."
|
02-05-2018 - 01:29 | 25-05-2016 - 15:59 |