Vulnerability Database
299,749
Total vulnerabilities in the database
CVE-2018-18313
Perl before 5.26.3 has a buffer over-read via a crafted regular expression that triggers disclosure of sensitive information from process memory.
| Software | From | Fixed in |
|---|---|---|
| perl / perl | - | 5.26.3 |
| canonical / ubuntu_linux | 16.04 | 16.04.x |
| canonical / ubuntu_linux | 14.04 | 14.04.x |
| canonical / ubuntu_linux | 12.04 | 12.04.x |
| canonical / ubuntu_linux | 18.04 | 18.04.x |
| canonical / ubuntu_linux | 18.10 | 18.10.x |
| debian / debian_linux | 9.0 | 9.0.x |
| redhat / enterprise_linux | 7.4 | 7.4.x |
| redhat / enterprise_linux | 7.0 | 7.0.x |
| redhat / enterprise_linux | 6.0 | 6.0.x |
| redhat / enterprise_linux | 7.5 | 7.5.x |
| redhat / enterprise_linux | 7.6 | 7.6.x |
| netapp / e-series_santricity_os_controller | 11.0 | 11.40.x |
| apple / mac_os_x | - | 10.14.4 |
- http://seclists.org/fulldisclosure/2019/Mar/49
- http://www.securitytracker.com/id/1042181
- https://access.redhat.com/errata/RHSA-2019:0001
- https://access.redhat.com/errata/RHSA-2019:0010
- https://bugzilla.redhat.com/show_bug.cgi?id=1646738
- https://github.com/Perl/perl5/commit/43b2f4ef399e2fd7240b4eeb0658686ad95f8e62
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RWQGEB543QN7SSBRKYJM6PSOC3RLYGSM/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RWQGEB543QN7SSBRKYJM6PSOC3RLYGSM/
- https://metacpan.org/changes/release/SHAY/perl-5.26.3
- https://rt.perl.org/Ticket/Display.html?id=133192
- https://seclists.org/bugtraq/2019/Mar/42
- https://security.gentoo.org/glsa/201909-01
- https://security.netapp.com/advisory/ntap-20190221-0003/
- https://support.apple.com/kb/HT209600
- https://usn.ubuntu.com/3834-1/
- https://usn.ubuntu.com/3834-2/
- https://www.debian.org/security/2018/dsa-4347
- https://www.oracle.com/security-alerts/cpujul2020.html
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime