Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

11 – 20 of 205 results


CVE-2021-47155

Medium priority
Needs evaluation

The Net::IPV4Addr module 0.10 for Perl does not properly consider extraneous zero characters in an IP address string, which (in some situations) allows attackers to bypass access control that is based on IP addresses.

1 affected packages

libnetwork-ipv4addr-perl

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libnetwork-ipv4addr-perl Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2021-47154

Medium priority

Some fixes available 1 of 3

The Net::CIDR::Lite module before 0.22 for Perl does not properly consider extraneous zero characters at the beginning of an IP address string, which (in some situations) allows attackers to bypass access control that is based on...

1 affected packages

libnet-cidr-lite-perl

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libnet-cidr-lite-perl Not affected Not affected Fixed Needs evaluation Needs evaluation
Show less packages

CVE-2018-25099

Medium priority
Needs evaluation

In the CryptX module before 0.062 for Perl, gcm_decrypt_verify() and chacha20poly1305_decrypt_verify() do not verify the tag.

1 affected packages

libcryptx-perl

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libcryptx-perl Not affected Not affected Not affected Needs evaluation
Show less packages

CVE-2022-48623

Medium priority

Some fixes available 2 of 4

The Cpanel::JSON::XS package before 4.33 for Perl performs out-of-bounds accesses in a way that allows attackers to obtain sensitive information or cause a denial of service.

1 affected packages

libcpanel-json-xs-perl

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libcpanel-json-xs-perl Not affected Fixed Fixed Needs evaluation Needs evaluation
Show less packages

CVE-2024-23525

Medium priority

Some fixes available 3 of 4

The Spreadsheet::ParseXLSX package before 0.30 for Perl allows XXE attacks because it neglects to use the no_xxe option of XML::Twig.

1 affected packages

libspreadsheet-parsexlsx-perl

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libspreadsheet-parsexlsx-perl Not affected Fixed Fixed Ignored Ignored
Show less packages

CVE-2024-22368

Medium priority

Some fixes available 3 of 4

The Spreadsheet::ParseXLSX package before 0.28 for Perl can encounter an out-of-memory condition during parsing of a crafted XLSX document. This occurs because the memoize implementation does not have appropriate constraints on...

1 affected packages

libspreadsheet-parsexlsx-perl

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libspreadsheet-parsexlsx-perl Not affected Fixed Fixed Ignored Ignored
Show less packages

CVE-2023-7101

Medium priority

Some fixes available 5 of 7

Spreadsheet::ParseExcel version 0.65 is a Perl module used for parsing Excel files. Spreadsheet::ParseExcel is vulnerable to an arbitrary code execution (ACE) vulnerability due to passing unvalidated input from a file into a...

1 affected packages

libspreadsheet-parseexcel-perl

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libspreadsheet-parseexcel-perl Not affected Fixed Fixed Fixed Fixed
Show less packages

CVE-2023-47100

Medium priority
Not affected

In Perl before 5.38.2, S_parse_uniprop_string in regcomp.c can write to unallocated space because a property name associated with a \p{...} regular expression construct is mishandled. The earliest affected version is 5.30.0.

1 affected packages

perl

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
perl Not affected Not affected Not affected Not affected
Show less packages

CVE-2023-47039

Negligible priority
Ignored

A vulnerability was found in Perl. This security issue occurs while Perl for Windows relies on the system path environment variable to find the shell (`cmd.exe`). When running an executable that uses the Windows Perl interpreter,...

3 affected packages

perl, perl6, raku

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
perl Ignored Ignored Ignored Ignored
perl6 Not in release Ignored Ignored Ignored
raku Not in release Not in release Ignored Ignored
Show less packages

CVE-2023-47038

Medium priority

Some fixes available 6 of 12

A vulnerability was found in perl 5.30.0 through 5.38.0. This issue occurs when a crafted regular expression is compiled by perl, which can allow an attacker controlled byte buffer overflow in a heap allocated buffer.

3 affected packages

perl, perl6, raku

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
perl Fixed Fixed Fixed Not affected Not affected
perl6 Not in release Not in release Needs evaluation Needs evaluation Ignored
raku Needs evaluation Not in release Not in release Ignored Ignored
Show less packages