Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
perl vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2020-13895
Crypt::Perl::ECDSA in the Crypt::Perl (aka p5-Crypt-Perl) module prior to 0.32 for Perl fails to verify correct ECDSA signatures when r and s are small and when s = 1. This happens when using the curve secp256r1 (prime256v1). This could conceivably have a security-relevant impact...
P5-crypt-perl Project P5-crypt-perl
1 Github repository
7.5
CVSSv3
CVE-2020-17478
ECDSA/EC/Point.pm in Crypt::Perl prior to 0.33 does not properly consider timing attacks against the EC point multiplication algorithm.
P5-crypt-perl Project P5-crypt-perl
1 Github repository
9.8
CVSSv3
CVE-2019-1010161
perl-CRYPT-JWT 0.022 and previous versions is affected by: Incorrect Access Control. The impact is: bypass authentication. The component is: JWT.pm for JWT security token, line 614 in _decode_jws(). The attack vector is: network connectivity(crafting user-controlled input to bypa...
Perl-crypt-jwt Project Perl-crypt-jwt
NA
CVE-2009-0129
libcrypt-openssl-dsa-perl does not properly check the return value from the OpenSSL DSA_verify and DSA_do_verify functions, which might allow remote malicious users to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-200...
Perl-openssl Libcrypt-openssl-dsa-perl Nil
NA
CVE-2013-7422
Integer underflow in regcomp.c in Perl prior to 5.20, as used in Apple OS X prior to 10.10.5 and other products, allows context-dependent malicious users to execute arbitrary code or cause a denial of service (application crash) via a long digit string associated with an invalid ...
Apple Mac Os X
Perl Perl 5.18.4
NA
CVE-2014-4330
The Dumper method in Data::Dumper prior to 2.154, as used in Perl 5.20.1 and previous versions, allows context-dependent malicious users to cause a denial of service (stack consumption and crash) via an Array-Reference with many nested Array-References, which triggers a large num...
Perl Perl
Data Dumper Project Data Dumper
NA
CVE-2011-2939
Off-by-one error in the decode_xs function in Unicode/Unicode.xs in the Encode module prior to 2.44, as used in Perl prior to 5.15.6, might allow context-dependent malicious users to cause a denial of service (memory corruption) via a crafted Unicode string, which triggers a heap...
Perl Perl 5.14.1
Dan Kogai Encode Module 1.65
Dan Kogai Encode Module 1.56
Dan Kogai Encode Module 2.19
Dan Kogai Encode Module 2.08
Dan Kogai Encode Module
Dan Kogai Encode Module 1.74
Dan Kogai Encode Module 2.20
Dan Kogai Encode Module 0.96
Perl Perl 5.8.4
Perl Perl 5.12.0
Dan Kogai Encode Module 2.17
Dan Kogai Encode Module 1.77
Perl Perl 5.13.10
Dan Kogai Encode Module 1.97
Dan Kogai Encode Module 2.13
Dan Kogai Encode Module 1.95
Dan Kogai Encode Module 1.85
Perl Perl 5.8.1
Dan Kogai Encode Module 1.54
Dan Kogai Encode Module 2.35
Perl Perl 5.8.9
NA
CVE-2004-0452
Race condition in the rmtree function in the File::Path module in Perl 5.6.1 and 5.8.4 sets read/write permissions for the world, which allows local users to delete arbitrary files and directories, and possibly read files and directories, via a symlink attack.
Larry Wall Perl 5.6.1
Larry Wall Perl 5.8.4
7.8
CVSSv3
CVE-2020-16156
CPAN 2.28 allows Signature Verification Bypass.
Perl Comprehensive Perl Archive Network 2.28
Fedoraproject Fedora 34
Fedoraproject Fedora 35
NA
CVE-2005-0156
Buffer overflow in the PerlIO implementation in Perl 5.8.0, when installed with setuid support (sperl), allows local users to execute arbitrary code by setting the PERLIO_DEBUG variable and executing a Perl script whose full pathname contains a long directory tree.
Larry Wall Perl 5.8.0
Sgi Propack 3.0
Larry Wall Perl 5.8.4.2
Larry Wall Perl 5.8.4
Larry Wall Perl 5.8.4.5
Larry Wall Perl 5.8.4.3
Larry Wall Perl 5.8.4.2.3
Larry Wall Perl 5.8.1
Larry Wall Perl 5.8.4.1
Larry Wall Perl 5.8.4.4
Larry Wall Perl 5.8.3
Trustix Secure Linux 2.0
Suse Suse Linux 9.2
Redhat Enterprise Linux Desktop 3.0
Suse Suse Linux 9.0
Ubuntu Ubuntu Linux 4.1
Suse Suse Linux 8.2
Redhat Enterprise Linux 3.0
Ibm Aix 5.3
Suse Suse Linux 8.0
Ibm Aix 5.2
Trustix Secure Linux 1.5
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »