Security Advisories (27)

CVE-2011-2728 (2012-12-21)

The bsd_glob function in the File::Glob module for Perl before 5.14.2 allows context-dependent attackers to cause a denial of service (crash) via a glob expression with the GLOB_ALTDIRFUNC flag, which triggers an uninitialized pointer dereference.

CVE-2020-12723 (2020-06-05)

regcomp.c in Perl before 5.30.3 allows a buffer overflow via a crafted regular expression because of recursive S_study_chunk calls.

CVE-2020-10878 (2020-06-05)

Perl before 5.30.3 has an integer overflow related to mishandling of a "PL_regkind[OP(n)] == NOTHING" situation. A crafted regular expression could lead to malformed bytecode with a possibility of instruction injection.

CVE-2020-10543 (2020-06-05)

Perl before 5.30.3 on 32-bit platforms allows a heap-based buffer overflow because nested regular expression quantifiers have an integer overflow.

CVE-2018-6913 (2018-04-17)

Heap-based buffer overflow in the pack function in Perl before 5.26.2 allows context-dependent attackers to execute arbitrary code via a large item count.

CVE-2018-18314 (2018-12-07)

Perl before 5.26.3 has a buffer overflow via a crafted regular expression that triggers invalid write operations.

CVE-2018-18313 (2018-12-07)

Perl before 5.26.3 has a buffer over-read via a crafted regular expression that triggers disclosure of sensitive information from process memory.

CVE-2018-18312 (2018-12-05)

Perl before 5.26.3 and 5.28.0 before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.

CVE-2018-18311 (2018-12-07)

Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.

CVE-2015-8853 (2016-05-25)

The (1) S_reghop3, (2) S_reghop4, and (3) S_reghopmaybe3 functions in regexec.c in Perl before 5.24.0 allow context-dependent attackers to cause a denial of service (infinite loop) via crafted utf-8 data, as demonstrated by "a\x80."

CVE-2013-1667 (2013-03-14)

The rehash mechanism in Perl 5.8.2 through 5.16.x allows context-dependent attackers to cause a denial of service (memory consumption and crash) via a crafted hash key.

CVE-2010-4777 (2014-02-10)

The Perl_reg_numbered_buff_fetch function in Perl 5.10.0, 5.12.0, 5.14.0, and other versions, when running with debugging enabled, allows context-dependent attackers to cause a denial of service (assertion failure and application exit) via crafted input that is not properly handled when using certain regular expressions, as demonstrated by causing SpamAssassin and OCSInventory to crash.

CVE-2010-1158 (2010-04-20)

Integer overflow in the regular expression engine in Perl 5.8.x allows context-dependent attackers to cause a denial of service (stack consumption and application crash) by matching a crafted regular expression against a long string.

CVE-2009-3626 (2009-10-29)

Perl 5.10.1 allows context-dependent attackers to cause a denial of service (application crash) via a UTF-8 character with a large, invalid codepoint, which is not properly handled during a regular-expression match.

CVE-2008-1927 (2008-04-24)

Double free vulnerability in Perl 5.8.8 allows context-dependent attackers to cause a denial of service (memory corruption and crash) via a crafted regular expression containing UTF8 characters. NOTE: this issue might only be present on certain operating systems.

CVE-2005-3962 (2005-12-01)

Integer overflow in the format string functionality (Perl_sv_vcatpvfn) in Perl 5.9.2 and 5.8.6 Perl allows attackers to overwrite arbitrary memory and possibly execute arbitrary code via format string specifiers with large values, which causes an integer wrap and leads to a buffer overflow, as demonstrated using format string vulnerabilities in Perl applications.

CVE-2007-5116 (2007-11-07)

Buffer overflow in the polymorphic opcode support in the Regular Expression Engine (regcomp.c) in Perl 5.8 allows context-dependent attackers to execute arbitrary code by switching from byte to Unicode (UTF) characters in a regular expression.

CVE-2012-5195 (2012-12-18)

Heap-based buffer overflow in the Perl_repeatcpy function in util.c in Perl 5.12.x before 5.12.5, 5.14.x before 5.14.3, and 5.15.x before 15.15.5 allows context-dependent attackers to cause a denial of service (memory consumption and crash) or possibly execute arbitrary code via the 'x' string repeat operator.

CVE-2016-2381 (2016-04-08)

Perl might allow context-dependent attackers to bypass the taint protection mechanism in a child process via duplicate environment variables in envp.

CVE-2003-0900 (2003-12-31)

Perl 5.8.1 on Fedora Core does not properly initialize the random number generator when forking, which makes it easier for attackers to predict random numbers.

https://bugzilla.redhat.com/bugzilla/long_list.cgi?buglist=108711

CVE-2013-7422 (2015-08-16)

Integer underflow in regcomp.c in Perl before 5.20, as used in Apple OS X before 10.10.5 and other products, allows context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via a long digit string associated with an invalid backreference within a regular expression.

CVE-2011-1487 (2011-04-11)

The (1) lc, (2) lcfirst, (3) uc, and (4) ucfirst functions in Perl 5.10.x, 5.11.x, and 5.12.x through 5.12.3, and 5.13.x through 5.13.11, do not apply the taint attribute to the return value upon processing tainted input, which might allow context-dependent attackers to bypass the taint protection mechanism via a crafted string.

CVE-2023-47100

In Perl before 5.38.2, S_parse_uniprop_string in regcomp.c can write to unallocated space because a property name associated with a \p{...} regular expression construct is mishandled. The earliest affected version is 5.30.0.

CVE-2024-56406 (2025-04-13)

A heap buffer overflow vulnerability was discovered in Perl. When there are non-ASCII bytes in the left-hand-side of the `tr` operator, `S_do_trans_invmap` can overflow the destination pointer `d`. $ perl -e '$_ = "\x{FF}" x 1000000; tr/\xFF/\x{100}/;' Segmentation fault (core dumped) It is believed that this vulnerability can enable Denial of Service and possibly Code Execution attacks on platforms that lack sufficient defenses.

CVE-2023-47039 (2023-10-30)

Perl for Windows relies on the system path environment variable to find the shell (cmd.exe). When running an executable which uses Windows Perl interpreter, Perl attempts to find and execute cmd.exe within the operating system. However, due to path search order issues, Perl initially looks for cmd.exe in the current working directory. An attacker with limited privileges can exploit this behavior by placing cmd.exe in locations with weak permissions, such as C:\ProgramData. By doing so, when an administrator attempts to use this executable from these compromised locations, arbitrary code can be executed.

CVE-2016-1238 (2016-08-02)

(1) cpan/Archive-Tar/bin/ptar, (2) cpan/Archive-Tar/bin/ptardiff, (3) cpan/Archive-Tar/bin/ptargrep, (4) cpan/CPAN/scripts/cpan, (5) cpan/Digest-SHA/shasum, (6) cpan/Encode/bin/enc2xs, (7) cpan/Encode/bin/encguess, (8) cpan/Encode/bin/piconv, (9) cpan/Encode/bin/ucmlint, (10) cpan/Encode/bin/unidump, (11) cpan/ExtUtils-MakeMaker/bin/instmodsh, (12) cpan/IO-Compress/bin/zipdetails, (13) cpan/JSON-PP/bin/json_pp, (14) cpan/Test-Harness/bin/prove, (15) dist/ExtUtils-ParseXS/lib/ExtUtils/xsubpp, (16) dist/Module-CoreList/corelist, (17) ext/Pod-Html/bin/pod2html, (18) utils/c2ph.PL, (19) utils/h2ph.PL, (20) utils/h2xs.PL, (21) utils/libnetcfg.PL, (22) utils/perlbug.PL, (23) utils/perldoc.PL, (24) utils/perlivp.PL, and (25) utils/splain.PL in Perl 5.x before 5.22.3-RC2 and 5.24 before 5.24.1-RC2 do not properly remove . (period) characters from the end of the includes directory array, which might allow local users to gain privileges via a Trojan horse module under the current working directory.

CVE-2015-8608 (2017-02-07)

The VDir::MapPathA and VDir::MapPathW functions in Perl 5.22 allow remote attackers to cause a denial of service (out-of-bounds read) and possibly execute arbitrary code via a crafted (1) drive letter or (2) pInName argument.

NAME

basic.pod - Test of various basic POD features in translators.

HEADINGS

Try a few different levels of headings, with embedded formatting codes and other interesting bits.

This `is` a "level 1" heading

``Level'' "2 heading

Level 3 heading with `weird stuff "" (double quote)`

Level "4 `heading`

Now try again with intermixed text.

This `is` a "level 1" heading

Text.

``Level'' 2 heading

Text.

Level 3 heading with `weird stuff`

Text.

Level "4 `heading`

Text.

LINKS

These are all taken from the Pod::Parser tests.

Try out LOTS of different ways of specifying references:

Reference the "section" in manpage

Reference the " section" in manpage

Reference the "section" in manpage

Reference the "section"" in "manpage

Reference the "section" in "manpage"

Reference the "section" in manpage

Reference the " section" in manpage

Reference the "section" in manpage

Now try it using the new "|" stuff ...

Reference the thistext|

Reference the thistext |

Reference the thistext|

Reference the thistext |

Reference the thistext|

Reference the thistext |

Reference the thistext|

Reference the thistext |

And then throw in a few new ones of my own.

" baz boo" in foo bar

" boo" in foo bar baz

"boo var baz"

"bar baz"

" baz boo"" in "boo bar baz

"boo", "bar", and "baz"

foobar

Testing italics

"Italic text" in foo

"Section with other markup" in foo|bar

Nested

OVER AND ITEMS

Taken from Pod::Parser tests, this is a test to ensure that multiline =item paragraphs get indented appropriately.

This is a test.

There should be whitespace now before this line.

Taken from Pod::Parser tests, this is a test to ensure the nested =item paragraphs get indented appropriately.

First section.

a

this is item a

b

this is item b
Second section.

a

this is item a

b

this is item b

c

d

This is item c & d.

Now some additional weirdness of our own. Make sure that multiple tags for one paragraph are properly compacted.

"foo"

bar

baz

There shouldn't be any spaces between any of these item tags; this idiom is used in perlfunc.

Some longer item text

Just to make sure that we test paragraphs where the item text doesn't fit in the margin of the paragraph (and make sure that this paragraph fills a few lines).

Let's also make it multiple paragraphs to be sure that works.

Test use of =over without =item as a block "quote" or block paragraph.

This should be indented four spaces but otherwise formatted the same as any other regular text paragraph. Make sure it's long enough to see the results of the formatting.....

Now try the same thing nested, and make sure that the indentation is reset back properly.

This paragraph should be doubly indented.

This paragraph should only be singly indented.

This is an item in the middle of a block-quote, which should be allowed.
We're also testing tagless item commands.

Should be back to the single level of indentation.

Should be back to regular indentation.

Now also check the transformation of * into real bullets for man pages.

An item. We're also testing using =over without a number, and making sure that item text wraps properly.
Another item.

and now test the numbering of item blocks.

First item.
Second item.

FORMATTING CODES

Another test taken from Pod::Parser.

This is a test to see if I can do not only $self and method(), but also $self->method() and $self->{FIELDNAME} and $Foo <=> $Bar without resorting to escape sequences. If I want to refer to the right-shift operator I can do something like $x >> 3 or even $y >> 5.

Now for the grand finale of $self->method()->{FIELDNAME} = {FOO=>BAR}. And I also want to make sure that newlines work like this $self->{FOOBAR} >> 3 and [$b => $a]->[$a <=> $b]

Of course I should still be able to do all this with escape sequences too: $self->method() and $self->{FIELDNAME} and {FOO=>BAR}.

Dont forget $self->method()->{FIELDNAME} = {FOO=>BAR}.

And make sure that 0 works too!

Now, if I use << or >> as my delimiters, then I have to use whitespace. So things like <$self-method()>> and <$self-{FIELDNAME}>> wont end up doing what you might expect since the first > will still terminate the first < seen.

Lets make sure these work for empty ones too, like >> and >> (just to be obnoxious)

The statement: This is dog kind's finest hour! is a parody of a quotation from Winston Churchill.

The following tests are added to those:

Make sure that a few other odd things still work. This should be a vertical bar: |. Here's a test of a few more special escapes that have to be supported:

&: An ampersand.
': An apostrophe.
<: A less-than sign.
>: A greater-than sign.
": A double quotation mark.
/: A forward slash.

Try to get this bit of text over towards the edge so |that all of this text inside S<> won't| be wrapped. Also test the |same thing with non-breaking spaces.|

There is a soft hyphen in hyphen at hy-phen.

This is a test of an index entry.

VERBATIM

Throw in a few verbatim paragraphs.

use Term::ANSIColor;
print color 'bold blue';
print "This text is bold blue.\n";
print color 'reset';
print "This text is normal.\n";
print colored ("Yellow on magenta.\n", 'yellow on_magenta');
print "This text is normal.\n";
print colored ['yellow on_magenta'], "Yellow on magenta.\n";

use Term::ANSIColor qw(uncolor);
print uncolor '01;31', "\n";

But this isn't verbatim (make sure it wraps properly), and the next paragraph is again:

use Term::ANSIColor qw(:constants);
print BOLD, BLUE, "This text is in bold blue.\n", RESET;

use Term::ANSIColor qw(:constants); $Term::ANSIColor::AUTORESET = 1; print BOLD BLUE "This text is in bold blue.\n"; print "This text is normal.\n";

(Ugh, that's obnoxiously long.) Try different spacing:

	Starting with a tab.
Not
starting
with
a
tab.  But this should still be verbatim.
 As should this.

This isn't.

This is.  And this:	is an internal tab.  It should be:
                   |--| <= lined up with that.

(Tricky, but tabs should be expanded before the translator starts in on the text since otherwise text with mixed tabs and spaces will get messed up.)

And now we test verbatim paragraphs right before a heading.  Older
versions of Pod::Man generated two spaces between paragraphs like this
and the heading.  (In order to properly test this, one may have to
visually inspect the nroff output when run on the generated *roff
text, unfortunately.)

CONCLUSION

That's all, folks!

2 POD Errors

The following errors were encountered while parsing the POD:

Around line 130:: Nested L<> are illegal. Pretending inner one is X<...> so can continue looking for other errors.
Around line 316:: Unterminated C< ... > sequence

To install Env, copy and paste the appropriate command in to your terminal.

cpanm

cpanm Env

CPAN shell

perl -MCPAN -e shell
install Env

For more information on module installation, please visit the detailed CPAN module installation guide.

	Global
`s`	Focus search bar
`?`	Bring up this help dialog

	GitHub
`g` `p`	Go to pull requests
`g` `i`	Go to GitHub issues (only if GitHub is preferred repository)

	POD
`g` `a`	Go to author
`g` `c`	Go to changes
`g` `i`	Go to issues
`g` `d`	Go to dist
`g` `r`	Go to repository/SCM
`g` `s`	Go to source
`g` `b`	Go to file browse

Search terms
module: (e.g. module:Plugin)
distribution: (e.g. distribution:Dancer auth)
author: (e.g. author:SONGMU Redis)
version: (e.g. version:1.00)

NAME

HEADINGS

This is a "level 1" heading

``Level'' "2 heading

Level 3 heading with weird stuff "" (double quote)

Level "4 heading

This is a "level 1" heading

``Level'' 2 heading

Level 3 heading with weird stuff

Level "4 heading

LINKS

OVER AND ITEMS

FORMATTING CODES

VERBATIM

CONCLUSION

Module Install Instructions

Keyboard Shortcuts

This `is` a "level 1" heading

Level 3 heading with `weird stuff "" (double quote)`

Level "4 `heading`

This `is` a "level 1" heading

Level 3 heading with `weird stuff`

Level "4 `heading`