CVE-2018-6797

Опубликовано: 17 апр. 2018

Источник: debian

Описание

An issue was discovered in Perl 5.18 through 5.26. A crafted regular expression can cause a heap-based buffer overflow, with control over the bytes written.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
perl	fixed	5.26.1-6		package
perl	fixed	5.24.1-3+deb9u3	stretch	package
perl	ignored		jessie	package
perl	ignored		wheezy	package

Примечания

https://rt.perl.org/Public/Bug/Display.html?id=132227
maint-5.26: https://perl5.git.perl.org/perl.git/commitdiff/abe1e6c568b96bcb382dfa4f61c56d1ab001ea51
maint-5.24: https://perl5.git.perl.org/perl.git/commitdiff/510cc261d965ccfa427900ebb368fc4d337442d2

Связанные уязвимости

CVE-2018-6797

CVSS3: 9.8

ubuntu

почти 8 лет назад

An issue was discovered in Perl 5.18 through 5.26. A crafted regular expression can cause a heap-based buffer overflow, with control over the bytes written.

CVE-2018-6797

CVSS3: 8.1

redhat

почти 8 лет назад

An issue was discovered in Perl 5.18 through 5.26. A crafted regular expression can cause a heap-based buffer overflow, with control over the bytes written.

CVE-2018-6797

CVSS3: 9.8

nvd

почти 8 лет назад

An issue was discovered in Perl 5.18 through 5.26. A crafted regular expression can cause a heap-based buffer overflow, with control over the bytes written.

GHSA-8qqx-9gj6-xx9p

CVSS3: 9.8

github

больше 3 лет назад

An issue was discovered in Perl 5.18 through 5.26. A crafted regular expression can cause a heap-based buffer overflow, with control over the bytes written.

openSUSE-SU-2018:1095-1

suse-cvrf

почти 8 лет назад

Security update for perl