FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2025-06-21 18:43:11 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
a380f43e-19e5-11f0-9568-b42e991fc52e	Perl -- heap buffer overflow when transliterating non-ASCII bytes 9b29abf9-4ab0-4765-b253-1875cd9b441e reports: A heap buffer overflow vulnerability was discovered in Perl. When there are non-ASCII bytes in the left-hand-side of the `tr` operator, `S_do_trans_invmap` can overflow the destination pointer `d`. $ perl -e '$_ = "\x{FF}" x 1000000; tr/\xFF/\x{100}/;' Segmentation fault (core dumped) It is believed that this vulnerability can enable Denial of Service and possibly Code Execution attacks on platforms that lack sufficient defenses. Discovery 2025-04-13 Entry 2025-04-15 perl5.36 < 5.36.3 perl5.38 < 5.38.4 perl5.40 < 5.40.2 perl5-devel < 5.41.10 CVE-2024-56406 https://nvd.nist.gov/vuln/detail/CVE-2024-56406

VuXML ID

Description

a380f43e-19e5-11f0-9568-b42e991fc52e

Perl -- heap buffer overflow when transliterating non-ASCII bytes

9b29abf9-4ab0-4765-b253-1875cd9b441e reports:

A heap buffer overflow vulnerability was discovered in Perl. When there are non-ASCII bytes in the left-hand-side of the `tr` operator, `S_do_trans_invmap` can overflow the destination pointer `d`. $ perl -e '$_ = "\x{FF}" x 1000000; tr/\xFF/\x{100}/;' Segmentation fault (core dumped) It is believed that this vulnerability can enable Denial of Service and possibly Code Execution attacks on platforms that lack sufficient defenses.

Discovery 2025-04-13
Entry 2025-04-15
perl5.36

< 5.36.3

perl5.38

< 5.38.4

perl5.40

< 5.40.2

perl5-devel

< 5.41.10

CVE-2024-56406
https://nvd.nist.gov/vuln/detail/CVE-2024-56406