Search CVE reports
1 – 10 of 253 results
Compress::Raw::Zlib versions through 2.219 for Perl use potentially insecure versions of zlib. Compress::Raw::Zlib includes a copy of the zlib library. Compress::Raw::Zlib version 2.220 includes zlib 1.3.2, which...
2 affected packages
libcompress-raw-zlib-perl, perl
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libcompress-raw-zlib-perl | Not affected | Not affected | Needs evaluation | Needs evaluation |
| perl | Not affected | Not affected | Needs evaluation | Needs evaluation |
Apache::Session::Generate::MD5 versions through 1.94 for Perl create insecure session id. Apache::Session::Generate::MD5 generates session ids insecurely. The default session id generator returns a MD5 hash seeded with the...
1 affected package
libapache-session-perl
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libapache-session-perl | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
Crypt::SysRandom::XS versions before 0.010 for Perl is vulnerable to a heap buffer overflow in the XS function random_bytes(). The function does not validate that the length parameter is non-negative. If a negative value (e.g. -1)...
1 affected package
libcrypt-sysrandom-xs-perl
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libcrypt-sysrandom-xs-perl | Not in release | Not in release | — | — |
Apache::SessionX versions through 2.01 for Perl create insecure session id. Apache::SessionX generates session ids insecurely. The default session id generator in Apache::SessionX::Generate::MD5 returns a MD5 hash seeded with the...
1 affected package
libapache-sessionx-perl
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libapache-sessionx-perl | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
Net::CIDR versions before 0.24 for Perl mishandle leading zeros in IP CIDR addresses, which may have unspecified impact. The functions `addr2cidr` and `cidrlookup` may return leading zeros in a CIDR string, which may in turn be...
1 affected package
libnet-cidr-perl
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libnet-cidr-perl | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
A vulnerability was determined in exiftool up to 13.49 on macOS. This issue affects the function SetMacOSTags of the file lib/Image/ExifTool/MacOS.pm of the component PNG File Parser. This manipulation of the...
1 affected package
libimage-exiftool-perl
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libimage-exiftool-perl | Not affected | Not affected | Not affected | Not affected |
Crypt::URandom versions from 0.41 before 0.55 for Perl is vulnerable to a heap buffer overflow in the XS function crypt_urandom_getrandom(). The function does not validate that the length parameter is non-negative. If a negative...
1 affected package
libcrypt-urandom-perl
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libcrypt-urandom-perl | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
WWW::OAuth 1.000 and earlier for Perl uses the rand() function as the default source of entropy, which is not cryptographically secure, for cryptographic functions.
1 affected package
libwww-oauth-perl
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libwww-oauth-perl | Needs evaluation | Needs evaluation | Needs evaluation | — |
HarfBuzz::Shaper versions before 0.032 for Perl contains a bundled library with a null pointer dereference vulnerability. Versions before 0.032 contain HarfBuzz 8.4.0 or earlier bundled as hb_src.tar.gz in the source tarball,...
1 affected package
libharfbuzz-shaper-perl
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libharfbuzz-shaper-perl | Not in release | Not in release | — | — |
Plack-Middleware-Session versions before 0.17 may be vulnerable to HMAC comparison timing attacks
1 affected package
libplack-middleware-session-perl
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libplack-middleware-session-perl | Not affected | Not affected | Needs evaluation | Needs evaluation |