perl
| Link | package | bugs open | bugs closed | Wiki | GitHub | web search |
| Description | A highly capable, feature-rich programming language |
| Version | 5.40.0-1 [core] |
Open
| Group | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|
| AVG-2630 | 5.34.0-3 | Medium | Vulnerable | ||
| AVG-2264 | 5.34.0-3 | Medium | Vulnerable |
| Issue | Group | Severity | Remote | Type | Description |
|---|---|---|---|---|---|
| CVE-2021-36770 | AVG-2264 | Medium | Yes | Directory traversal | Encode.pm, as distributed in Perl through 5.34.0, allows local users to gain privileges via a Trojan horse Encode::ConfigLocal library (in the current... |
| CVE-2020-16156 | AVG-2630 | Medium | Yes | Signature forgery | A flaw was found in the way the perl-CPAN 2.28 performed verification of package signatures stored in CHECKSUMS files. A malicious or compromised CPAN... |
Resolved
| Group | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|
| AVG-500 | 5.26.0-1 | 5.26.1-1 | High | Fixed |
| Issue | Group | Severity | Remote | Type | Description |
|---|---|---|---|---|---|
| CVE-2017-12883 | AVG-500 | High | Yes | Information disclosure | A heap buffer overread was found in perl's grok_bslash_N() function, which is used in the compilation of Unicode nodes in regular expressions, possibly... |