Search CVE reports
61 – 70 of 269 results
Qualys discovered that if unsanitized input was used with the library Modules::ScanDeps, before version 1.36 a local attacker could possibly execute arbitrary shell commands by open()ing a "pesky pipe" (such as passing "commands|"...
1 affected package
libmodule-scandeps-perl
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| libmodule-scandeps-perl | — | Fixed | Fixed | Fixed | Fixed |
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
4 affected packages
libyaml, libyaml-libyaml-perl, golang-goyaml, golang-yaml.v2
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| libyaml | — | Not affected | Not affected | Not affected | Not affected |
| libyaml-libyaml-perl | — | Not affected | Not affected | Not affected | Not affected |
| golang-goyaml | — | Not in release | Not in release | Not in release | — |
| golang-yaml.v2 | — | Not affected | Not affected | Not affected | Not affected |
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
4 affected packages
libyaml, libyaml-libyaml-perl, golang-goyaml, golang-yaml.v2
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| libyaml | — | Not affected | Not affected | Not affected | Not affected |
| libyaml-libyaml-perl | — | Not affected | Not affected | Not affected | Not affected |
| golang-goyaml | — | Not in release | Not in release | Not in release | — |
| golang-yaml.v2 | — | Not affected | Not affected | Not affected | Not affected |
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
4 affected packages
libyaml, libyaml-libyaml-perl, golang-goyaml, golang-yaml.v2
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| libyaml | — | Not affected | Not affected | Not affected | Not affected |
| libyaml-libyaml-perl | — | Not affected | Not affected | Not affected | Not affected |
| golang-goyaml | — | Not in release | Not in release | Not in release | — |
| golang-yaml.v2 | — | Not affected | Not affected | Not affected | Not affected |
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
4 affected packages
libyaml, libyaml-libyaml-perl, golang-goyaml, golang-yaml.v2
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| libyaml | — | Not affected | Not affected | Not affected | Not affected |
| libyaml-libyaml-perl | — | Not affected | Not affected | Not affected | Not affected |
| golang-goyaml | — | Not in release | Not in release | Not in release | — |
| golang-yaml.v2 | — | Not affected | Not affected | Not affected | Not affected |
An excessive memory use issue (CWE-770) exists in Email-MIME, before version 1.954, which can cause denial of service when parsing multipart MIME messages. The patch set (from 2020 and 2024) limits excessive depth and the total...
1 affected package
libemail-mime-perl
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| libemail-mime-perl | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Needs evaluation |
A timing-based side-channel flaw exists in the perl-Crypt-OpenSSL-RSA package, which could be sufficient to recover plaintext across a network in a Bleichenbacher-style attack. To achieve successful decryption, an attacker would...
1 affected package
libcrypt-openssl-rsa-perl
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| libcrypt-openssl-rsa-perl | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
The Mojolicious module before 9.11 for Perl has a bug in format detection that can potentially be exploited for denial of service.
1 affected package
libmojolicious-perl
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| libmojolicious-perl | Not affected | Not affected | Not affected | Ignored | Needs evaluation |
The Mojolicious module before 8.65 for Perl is vulnerable to secure_compare timing attacks that allow an attacker to guess the length of a secret string. Only versions after 1.74 are affected.
1 affected package
libmojolicious-perl
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| libmojolicious-perl | Not affected | Not affected | Not affected | Ignored | Needs evaluation |
The Mojolicious module before 7.66 for Perl may leak cookies in certain situations related to multiple similar cookies for the same domain. This affects Mojo::UserAgent::CookieJar.
1 affected package
libmojolicious-perl
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| libmojolicious-perl | Not affected | Not affected | Not affected | Not affected | Needs evaluation |