Perl 5.9.2
Approved changes feed: RSS · Atom
cpe:2.3:a:perl:perl:5.9.2:*:*:*:*:*:*:*
part: a version: 5.9.2 update: *
| Vendor | Perl (1e08d0ea-f6e4-5b5b-a347-b9704b70f1d2) |
|---|---|
| Product | Perl (d036ec11-adad-5b60-822b-4cf91054fb72) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:deb/debian/perl |
purl2cpe | 2026-06-01 10:17:05.106443 |
pkg:deb/ubuntu/perl |
purl2cpe | 2026-06-01 10:17:05.106444 |
pkg:github/perl/perl5 |
purl2cpe | 2026-06-01 10:17:05.106445 |
pkg:perl/perl5 |
purl2cpe | 2026-06-01 10:17:05.106447 |
pkg:rpm/fedora/perl |
purl2cpe | 2026-06-01 10:17:05.106448 |
pkg:rpm/opensuse/perl |
purl2cpe | 2026-06-01 10:17:05.106450 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2016-1238 |
vulnerable | 2026-06-03 14:35:31.057660 |
Details available
(1) cpan/Archive-Tar/bin/ptar, (2) cpan/Archive-Tar/bin/ptardiff, (3) cpan/Archive-Tar/bin/ptargrep, (4) cpan/CPAN/scripts/cpan, (5) cpan/Digest-SHA/shasum, (6) cpan/Encode/bin/enc2xs, (7) cpan/Encode/bin/encguess, (8) cpan/Encode/bin/piconv, (9) cpan/Encode/bin/ucmlint, (10) cpan/Encode/bin/unidump, (11) cpan/ExtUtils-MakeMaker/bin/instmodsh, (12) cpan/IO-Compress/bin/zipdetails, (13) cpan/JSON-PP/bin/json_pp, (14) cpan/Test-Harness/bin/prove, (15) dist/ExtUtils-ParseXS/lib/ExtUtils/xsubpp, (16) dist/Module-CoreList/corelist, (17) ext/Pod-Html/bin/pod2html, (18) utils/c2ph.PL, (19) utils/h2ph.PL, (20) utils/h2xs.PL, (21) utils/libnetcfg.PL, (22) utils/perlbug.PL, (23) utils/perldoc.PL, (24) utils/perlivp.PL, and (25) utils/splain.PL in Perl 5.x before 5.22.3-RC2 and 5.24 before 5.24.1-RC2 do not properly remove . (period) characters from the end of the includes directory array, which might allow local users to gain privileges via a Trojan horse module under the current working directory.
Published: 2016-08-02T14:00:00.000Z
Updated: 2024-08-05T22:48:13.656Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2011-2939 |
vulnerable | 2026-06-03 14:31:11.377662 |
Details available
Off-by-one error in the decode_xs function in Unicode/Unicode.xs in the Encode module before 2.44, as used in Perl before 5.15.6, might allow context-dependent attackers to cause a denial of service (memory corruption) via a crafted Unicode string, which triggers a heap-based buffer overflow.
Published: 2012-01-13T18:00:00.000Z
Updated: 2024-08-06T23:15:31.951Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2011-2728 |
vulnerable | 2026-06-03 14:31:10.541606 |
Details available
The bsd_glob function in the File::Glob module for Perl before 5.14.2 allows context-dependent attackers to cause a denial of service (crash) via a glob expression with the GLOB_ALTDIRFUNC flag, which triggers an uninitialized pointer dereference.
Published: 2012-12-21T02:00:00.000Z
Updated: 2024-08-06T23:08:23.771Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2005-3962 |
vulnerable | 2026-06-03 14:27:11.920096 |
Details available
Integer overflow in the format string functionality (Perl_sv_vcatpvfn) in Perl 5.9.2 and 5.8.6 Perl allows attackers to overwrite arbitrary memory and possibly execute arbitrary code via format string specifiers with large values, which causes an integer wrap and leads to a buffer overflow, as demonstrated using format string vulnerabilities in Perl applications.
Published: 2005-12-01T17:00:00.000Z
Updated: 2024-08-07T23:31:48.716Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.