FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-25 11:22:49 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
d9e82328-a129-11e7-987e-4f174049b30aperl -- multiple vulnerabilities

SO-AND-SO reports:

CVE-2017-12814: $ENV{$key} stack buffer overflow on Windows

A possible stack buffer overflow in the %ENV code on Windows has been fixed by removing the buffer completely since it was superfluous anyway.

CVE-2017-12837: Heap buffer overflow in regular expression compiler

Compiling certain regular expression patterns with the case-insensitive modifier could cause a heap buffer overflow and crash perl. This has now been fixed.

CVE-2017-12883: Buffer over-read in regular expression parser

For certain types of syntax error in a regular expression pattern, the error message could either contain the contents of a random, possibly large, chunk of memory, or could crash perl. This has now been fixed.


Discovery 2017-09-19
Entry 2017-09-24
perl5
ge 5.24.0 lt 5.24.3

ge 5.26.0 lt 5.26.1

https://metacpan.org/changes/release/SHAY/perl-5.24.3
https://metacpan.org/changes/release/SHAY/perl-5.26.1
CVE-2017-12814
CVE-2017-12837
CVE-2017-12883