Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2017-12837 (GCVE-0-2017-12837)
Vulnerability from cvelistv5
Published
2017-09-19 18:00
Modified
2024-08-05 18:51
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Heap-based buffer overflow in the S_regatom function in regcomp.c in Perl 5 before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to cause a denial of service (out-of-bounds write) via a regular expression with a '\N{}' escape and the case-insensitive modifier.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:51:06.539Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "DSA-3982",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2017/dsa-3982"
},
{
"name": "100860",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100860"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujul2020.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://perl5.git.perl.org/perl.git/log/refs/tags/v5.26.1-RC1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://perl5.git.perl.org/perl.git/log/refs/tags/v5.24.3-RC1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20180426-0001/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1492091"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://rt.perl.org/Public/Bug/Display.html?id=131582"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://perl5.git.perl.org/perl.git/commitdiff/96c83ed78aeea1a0496dd2b2d935869a822dc8a5"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-09-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in the S_regatom function in regcomp.c in Perl 5 before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to cause a denial of service (out-of-bounds write) via a regular expression with a \u0027\\N{}\u0027 escape and the case-insensitive modifier."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-07-15T02:22:55",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "DSA-3982",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2017/dsa-3982"
},
{
"name": "100860",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100860"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpujul2020.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://perl5.git.perl.org/perl.git/log/refs/tags/v5.26.1-RC1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://perl5.git.perl.org/perl.git/log/refs/tags/v5.24.3-RC1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20180426-0001/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1492091"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://rt.perl.org/Public/Bug/Display.html?id=131582"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://perl5.git.perl.org/perl.git/commitdiff/96c83ed78aeea1a0496dd2b2d935869a822dc8a5"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-12837",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in the S_regatom function in regcomp.c in Perl 5 before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to cause a denial of service (out-of-bounds write) via a regular expression with a \u0027\\N{}\u0027 escape and the case-insensitive modifier."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "DSA-3982",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3982"
},
{
"name": "100860",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100860"
},
{
"name": "https://www.oracle.com/security-alerts/cpujul2020.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpujul2020.html"
},
{
"name": "https://perl5.git.perl.org/perl.git/log/refs/tags/v5.26.1-RC1",
"refsource": "CONFIRM",
"url": "https://perl5.git.perl.org/perl.git/log/refs/tags/v5.26.1-RC1"
},
{
"name": "https://perl5.git.perl.org/perl.git/log/refs/tags/v5.24.3-RC1",
"refsource": "CONFIRM",
"url": "https://perl5.git.perl.org/perl.git/log/refs/tags/v5.24.3-RC1"
},
{
"name": "https://security.netapp.com/advisory/ntap-20180426-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20180426-0001/"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1492091",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1492091"
},
{
"name": "https://rt.perl.org/Public/Bug/Display.html?id=131582",
"refsource": "CONFIRM",
"url": "https://rt.perl.org/Public/Bug/Display.html?id=131582"
},
{
"name": "https://perl5.git.perl.org/perl.git/commitdiff/96c83ed78aeea1a0496dd2b2d935869a822dc8a5",
"refsource": "CONFIRM",
"url": "https://perl5.git.perl.org/perl.git/commitdiff/96c83ed78aeea1a0496dd2b2d935869a822dc8a5"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-12837",
"datePublished": "2017-09-19T18:00:00",
"dateReserved": "2017-08-11T00:00:00",
"dateUpdated": "2024-08-05T18:51:06.539Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2017-12837\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2017-09-19T18:29:00.167\",\"lastModified\":\"2025-04-20T01:37:25.860\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Heap-based buffer overflow in the S_regatom function in regcomp.c in Perl 5 before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to cause a denial of service (out-of-bounds write) via a regular expression with a \u0027\\\\N{}\u0027 escape and the case-insensitive modifier.\"},{\"lang\":\"es\",\"value\":\"Un desbordamiento de b\u00fafer en la regi\u00f3n heap de la memoria en la funci\u00f3n S_regatom en el archivo regcomp.c en Perl 5 anterior a versi\u00f3n 5.24.3-RC1 y versi\u00f3n 5.26.x anterior a 5.26.1-RC1, permite a los atacantes remotos causar una denegaci\u00f3n de servicio (escritura fuera de l\u00edmites) por medio de una expresi\u00f3n regular con un escape \u0027\\\\N{}\u0027 y el modificador que no distingue entre may\u00fasculas y min\u00fasculas.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":true,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"5.24.2\",\"matchCriteriaId\":\"DB276E2C-622C-45EB-8378-35751366049F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:perl:perl:5.26.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B71CAECA-2A6A-4604-863F-3C1C055FB1CE\"}]}]}],\"references\":[{\"url\":\"http://www.debian.org/security/2017/dsa-3982\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/100860\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1492091\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://perl5.git.perl.org/perl.git/commitdiff/96c83ed78aeea1a0496dd2b2d935869a822dc8a5\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://perl5.git.perl.org/perl.git/log/refs/tags/v5.24.3-RC1\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"https://perl5.git.perl.org/perl.git/log/refs/tags/v5.26.1-RC1\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"https://rt.perl.org/Public/Bug/Display.html?id=131582\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20180426-0001/\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://www.oracle.com/security-alerts/cpujul2020.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.debian.org/security/2017/dsa-3982\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/100860\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1492091\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://perl5.git.perl.org/perl.git/commitdiff/96c83ed78aeea1a0496dd2b2d935869a822dc8a5\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://perl5.git.perl.org/perl.git/log/refs/tags/v5.24.3-RC1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"https://perl5.git.perl.org/perl.git/log/refs/tags/v5.26.1-RC1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"https://rt.perl.org/Public/Bug/Display.html?id=131582\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20180426-0001/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.oracle.com/security-alerts/cpujul2020.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
}
}
fkie_cve-2017-12837
Vulnerability from fkie_nvd
Published
2017-09-19 18:29
Modified
2025-04-20 01:37
Severity ?
Summary
Heap-based buffer overflow in the S_regatom function in regcomp.c in Perl 5 before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to cause a denial of service (out-of-bounds write) via a regular expression with a '\N{}' escape and the case-insensitive modifier.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.debian.org/security/2017/dsa-3982 | ||
| cve@mitre.org | http://www.securityfocus.com/bid/100860 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://bugzilla.redhat.com/show_bug.cgi?id=1492091 | Issue Tracking, Patch, Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://perl5.git.perl.org/perl.git/commitdiff/96c83ed78aeea1a0496dd2b2d935869a822dc8a5 | Patch, Vendor Advisory | |
| cve@mitre.org | https://perl5.git.perl.org/perl.git/log/refs/tags/v5.24.3-RC1 | Release Notes, Vendor Advisory | |
| cve@mitre.org | https://perl5.git.perl.org/perl.git/log/refs/tags/v5.26.1-RC1 | Release Notes, Vendor Advisory | |
| cve@mitre.org | https://rt.perl.org/Public/Bug/Display.html?id=131582 | ||
| cve@mitre.org | https://security.netapp.com/advisory/ntap-20180426-0001/ | ||
| cve@mitre.org | https://www.oracle.com/security-alerts/cpujul2020.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2017/dsa-3982 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/100860 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=1492091 | Issue Tracking, Patch, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://perl5.git.perl.org/perl.git/commitdiff/96c83ed78aeea1a0496dd2b2d935869a822dc8a5 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://perl5.git.perl.org/perl.git/log/refs/tags/v5.24.3-RC1 | Release Notes, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://perl5.git.perl.org/perl.git/log/refs/tags/v5.26.1-RC1 | Release Notes, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://rt.perl.org/Public/Bug/Display.html?id=131582 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20180426-0001/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.oracle.com/security-alerts/cpujul2020.html |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DB276E2C-622C-45EB-8378-35751366049F",
"versionEndIncluding": "5.24.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:perl:perl:5.26.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B71CAECA-2A6A-4604-863F-3C1C055FB1CE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in the S_regatom function in regcomp.c in Perl 5 before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to cause a denial of service (out-of-bounds write) via a regular expression with a \u0027\\N{}\u0027 escape and the case-insensitive modifier."
},
{
"lang": "es",
"value": "Un desbordamiento de b\u00fafer en la regi\u00f3n heap de la memoria en la funci\u00f3n S_regatom en el archivo regcomp.c en Perl 5 anterior a versi\u00f3n 5.24.3-RC1 y versi\u00f3n 5.26.x anterior a 5.26.1-RC1, permite a los atacantes remotos causar una denegaci\u00f3n de servicio (escritura fuera de l\u00edmites) por medio de una expresi\u00f3n regular con un escape \u0027\\N{}\u0027 y el modificador que no distingue entre may\u00fasculas y min\u00fasculas."
}
],
"id": "CVE-2017-12837",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-09-19T18:29:00.167",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2017/dsa-3982"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100860"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1492091"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://perl5.git.perl.org/perl.git/commitdiff/96c83ed78aeea1a0496dd2b2d935869a822dc8a5"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://perl5.git.perl.org/perl.git/log/refs/tags/v5.24.3-RC1"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://perl5.git.perl.org/perl.git/log/refs/tags/v5.26.1-RC1"
},
{
"source": "cve@mitre.org",
"url": "https://rt.perl.org/Public/Bug/Display.html?id=131582"
},
{
"source": "cve@mitre.org",
"url": "https://security.netapp.com/advisory/ntap-20180426-0001/"
},
{
"source": "cve@mitre.org",
"url": "https://www.oracle.com/security-alerts/cpujul2020.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2017/dsa-3982"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100860"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1492091"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://perl5.git.perl.org/perl.git/commitdiff/96c83ed78aeea1a0496dd2b2d935869a822dc8a5"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://perl5.git.perl.org/perl.git/log/refs/tags/v5.24.3-RC1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://perl5.git.perl.org/perl.git/log/refs/tags/v5.26.1-RC1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://rt.perl.org/Public/Bug/Display.html?id=131582"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.netapp.com/advisory/ntap-20180426-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.oracle.com/security-alerts/cpujul2020.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
gsd-2017-12837
Vulnerability from gsd
Modified
2023-12-13 01:21
Details
Heap-based buffer overflow in the S_regatom function in regcomp.c in Perl 5 before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to cause a denial of service (out-of-bounds write) via a regular expression with a '\N{}' escape and the case-insensitive modifier.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2017-12837",
"description": "Heap-based buffer overflow in the S_regatom function in regcomp.c in Perl 5 before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to cause a denial of service (out-of-bounds write) via a regular expression with a \u0027\\N{}\u0027 escape and the case-insensitive modifier.",
"id": "GSD-2017-12837",
"references": [
"https://www.suse.com/security/cve/CVE-2017-12837.html",
"https://www.debian.org/security/2017/dsa-3982",
"https://ubuntu.com/security/CVE-2017-12837",
"https://advisories.mageia.org/CVE-2017-12837.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2017-12837"
],
"details": "Heap-based buffer overflow in the S_regatom function in regcomp.c in Perl 5 before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to cause a denial of service (out-of-bounds write) via a regular expression with a \u0027\\N{}\u0027 escape and the case-insensitive modifier.",
"id": "GSD-2017-12837",
"modified": "2023-12-13T01:21:03.639334Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-12837",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in the S_regatom function in regcomp.c in Perl 5 before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to cause a denial of service (out-of-bounds write) via a regular expression with a \u0027\\N{}\u0027 escape and the case-insensitive modifier."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "DSA-3982",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3982"
},
{
"name": "100860",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100860"
},
{
"name": "https://www.oracle.com/security-alerts/cpujul2020.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpujul2020.html"
},
{
"name": "https://perl5.git.perl.org/perl.git/log/refs/tags/v5.26.1-RC1",
"refsource": "CONFIRM",
"url": "https://perl5.git.perl.org/perl.git/log/refs/tags/v5.26.1-RC1"
},
{
"name": "https://perl5.git.perl.org/perl.git/log/refs/tags/v5.24.3-RC1",
"refsource": "CONFIRM",
"url": "https://perl5.git.perl.org/perl.git/log/refs/tags/v5.24.3-RC1"
},
{
"name": "https://security.netapp.com/advisory/ntap-20180426-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20180426-0001/"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1492091",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1492091"
},
{
"name": "https://rt.perl.org/Public/Bug/Display.html?id=131582",
"refsource": "CONFIRM",
"url": "https://rt.perl.org/Public/Bug/Display.html?id=131582"
},
{
"name": "https://perl5.git.perl.org/perl.git/commitdiff/96c83ed78aeea1a0496dd2b2d935869a822dc8a5",
"refsource": "CONFIRM",
"url": "https://perl5.git.perl.org/perl.git/commitdiff/96c83ed78aeea1a0496dd2b2d935869a822dc8a5"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:perl:perl:5.26.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.24.2",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-12837"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "Heap-based buffer overflow in the S_regatom function in regcomp.c in Perl 5 before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to cause a denial of service (out-of-bounds write) via a regular expression with a \u0027\\N{}\u0027 escape and the case-insensitive modifier."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://perl5.git.perl.org/perl.git/log/refs/tags/v5.26.1-RC1",
"refsource": "CONFIRM",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://perl5.git.perl.org/perl.git/log/refs/tags/v5.26.1-RC1"
},
{
"name": "https://perl5.git.perl.org/perl.git/log/refs/tags/v5.24.3-RC1",
"refsource": "CONFIRM",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://perl5.git.perl.org/perl.git/log/refs/tags/v5.24.3-RC1"
},
{
"name": "https://perl5.git.perl.org/perl.git/commitdiff/96c83ed78aeea1a0496dd2b2d935869a822dc8a5",
"refsource": "CONFIRM",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://perl5.git.perl.org/perl.git/commitdiff/96c83ed78aeea1a0496dd2b2d935869a822dc8a5"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1492091",
"refsource": "CONFIRM",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1492091"
},
{
"name": "100860",
"refsource": "BID",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100860"
},
{
"name": "https://rt.perl.org/Public/Bug/Display.html?id=131582",
"refsource": "CONFIRM",
"tags": [],
"url": "https://rt.perl.org/Public/Bug/Display.html?id=131582"
},
{
"name": "DSA-3982",
"refsource": "DEBIAN",
"tags": [],
"url": "http://www.debian.org/security/2017/dsa-3982"
},
{
"name": "https://security.netapp.com/advisory/ntap-20180426-0001/",
"refsource": "CONFIRM",
"tags": [],
"url": "https://security.netapp.com/advisory/ntap-20180426-0001/"
},
{
"name": "https://www.oracle.com/security-alerts/cpujul2020.html",
"refsource": "MISC",
"tags": [],
"url": "https://www.oracle.com/security-alerts/cpujul2020.html"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": true,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
},
"lastModifiedDate": "2020-07-15T03:15Z",
"publishedDate": "2017-09-19T18:29Z"
}
}
}
suse-su-2017:3092-1
Vulnerability from csaf_suse
Published
2017-11-24 15:19
Modified
2017-11-24 15:19
Summary
Security update for perl
Notes
Title of the patch
Security update for perl
Description of the patch
This update for perl fixes the following issues:
Security issues fixed:
- CVE-2017-12837: Heap-based buffer overflow in the S_regatom function in regcomp.c in Perl 5 before
5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to cause a denial of service
(out-of-bounds write) via a regular expression with a '\N{}' escape and the case-insensitive
modifier. (bnc#1057724)
- CVE-2017-12883: Buffer overflow in the S_grok_bslash_N function in regcomp.c in Perl 5 before
5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to disclose sensitive information
or cause a denial of service (application crash) via a crafted regular expression with an invalid
'\N{U+...}' escape. (bnc#1057721)
- CVE-2017-6512: Race condition in the rmtree and remove_tree functions in the File-Path module
before 2.13 for Perl allows attackers to set the mode on arbitrary files via vectors involving
directory-permission loosening logic. (bnc#1047178)
Bug fixes:
- backport set_capture_string changes from upstream (bsc#999735)
- reformat baselibs.conf as source validator workaround
Patchnames
SUSE-CAASP-ALL-2017-1903,SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2017-1903,SUSE-SLE-DESKTOP-12-SP2-2017-1903,SUSE-SLE-DESKTOP-12-SP3-2017-1903,SUSE-SLE-RPI-12-SP2-2017-1903,SUSE-SLE-SERVER-12-SP2-2017-1903,SUSE-SLE-SERVER-12-SP3-2017-1903
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for perl",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for perl fixes the following issues:\n\nSecurity issues fixed:\n- CVE-2017-12837: Heap-based buffer overflow in the S_regatom function in regcomp.c in Perl 5 before\n 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to cause a denial of service\n (out-of-bounds write) via a regular expression with a \u0027\\N{}\u0027 escape and the case-insensitive\n modifier. (bnc#1057724)\n- CVE-2017-12883: Buffer overflow in the S_grok_bslash_N function in regcomp.c in Perl 5 before\n 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to disclose sensitive information\n or cause a denial of service (application crash) via a crafted regular expression with an invalid\n \u0027\\N{U+...}\u0027 escape. (bnc#1057721)\n- CVE-2017-6512: Race condition in the rmtree and remove_tree functions in the File-Path module\n before 2.13 for Perl allows attackers to set the mode on arbitrary files via vectors involving\n directory-permission loosening logic. (bnc#1047178)\n\nBug fixes:\n- backport set_capture_string changes from upstream (bsc#999735)\n- reformat baselibs.conf as source validator workaround\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-CAASP-ALL-2017-1903,SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2017-1903,SUSE-SLE-DESKTOP-12-SP2-2017-1903,SUSE-SLE-DESKTOP-12-SP3-2017-1903,SUSE-SLE-RPI-12-SP2-2017-1903,SUSE-SLE-SERVER-12-SP2-2017-1903,SUSE-SLE-SERVER-12-SP3-2017-1903",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2017_3092-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2017:3092-1",
"url": "https://www.suse.com/support/update/announcement/2017/suse-su-20173092-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2017:3092-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2017-November/003416.html"
},
{
"category": "self",
"summary": "SUSE Bug 1047178",
"url": "https://bugzilla.suse.com/1047178"
},
{
"category": "self",
"summary": "SUSE Bug 1057721",
"url": "https://bugzilla.suse.com/1057721"
},
{
"category": "self",
"summary": "SUSE Bug 1057724",
"url": "https://bugzilla.suse.com/1057724"
},
{
"category": "self",
"summary": "SUSE Bug 999735",
"url": "https://bugzilla.suse.com/999735"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-12837 page",
"url": "https://www.suse.com/security/cve/CVE-2017-12837/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-12883 page",
"url": "https://www.suse.com/security/cve/CVE-2017-12883/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-6512 page",
"url": "https://www.suse.com/security/cve/CVE-2017-6512/"
}
],
"title": "Security update for perl",
"tracking": {
"current_release_date": "2017-11-24T15:19:55Z",
"generator": {
"date": "2017-11-24T15:19:55Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2017:3092-1",
"initial_release_date": "2017-11-24T15:19:55Z",
"revision_history": [
{
"date": "2017-11-24T15:19:55Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "perl-5.18.2-12.3.1.aarch64",
"product": {
"name": "perl-5.18.2-12.3.1.aarch64",
"product_id": "perl-5.18.2-12.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "perl-base-5.18.2-12.3.1.aarch64",
"product": {
"name": "perl-base-5.18.2-12.3.1.aarch64",
"product_id": "perl-base-5.18.2-12.3.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "perl-doc-5.18.2-12.3.1.noarch",
"product": {
"name": "perl-doc-5.18.2-12.3.1.noarch",
"product_id": "perl-doc-5.18.2-12.3.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "perl-5.18.2-12.3.1.ppc64le",
"product": {
"name": "perl-5.18.2-12.3.1.ppc64le",
"product_id": "perl-5.18.2-12.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "perl-base-5.18.2-12.3.1.ppc64le",
"product": {
"name": "perl-base-5.18.2-12.3.1.ppc64le",
"product_id": "perl-base-5.18.2-12.3.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "perl-5.18.2-12.3.1.s390x",
"product": {
"name": "perl-5.18.2-12.3.1.s390x",
"product_id": "perl-5.18.2-12.3.1.s390x"
}
},
{
"category": "product_version",
"name": "perl-32bit-5.18.2-12.3.1.s390x",
"product": {
"name": "perl-32bit-5.18.2-12.3.1.s390x",
"product_id": "perl-32bit-5.18.2-12.3.1.s390x"
}
},
{
"category": "product_version",
"name": "perl-base-5.18.2-12.3.1.s390x",
"product": {
"name": "perl-base-5.18.2-12.3.1.s390x",
"product_id": "perl-base-5.18.2-12.3.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "perl-5.18.2-12.3.1.x86_64",
"product": {
"name": "perl-5.18.2-12.3.1.x86_64",
"product_id": "perl-5.18.2-12.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "perl-32bit-5.18.2-12.3.1.x86_64",
"product": {
"name": "perl-32bit-5.18.2-12.3.1.x86_64",
"product_id": "perl-32bit-5.18.2-12.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "perl-base-5.18.2-12.3.1.x86_64",
"product": {
"name": "perl-base-5.18.2-12.3.1.x86_64",
"product_id": "perl-base-5.18.2-12.3.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Desktop 12 SP2",
"product": {
"name": "SUSE Linux Enterprise Desktop 12 SP2",
"product_id": "SUSE Linux Enterprise Desktop 12 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sled:12:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Desktop 12 SP3",
"product": {
"name": "SUSE Linux Enterprise Desktop 12 SP3",
"product_id": "SUSE Linux Enterprise Desktop 12 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sled:12:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2",
"product": {
"name": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2",
"product_id": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP2",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP3",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp3"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-5.18.2-12.3.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP2",
"product_id": "SUSE Linux Enterprise Desktop 12 SP2:perl-5.18.2-12.3.1.x86_64"
},
"product_reference": "perl-5.18.2-12.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-32bit-5.18.2-12.3.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP2",
"product_id": "SUSE Linux Enterprise Desktop 12 SP2:perl-32bit-5.18.2-12.3.1.x86_64"
},
"product_reference": "perl-32bit-5.18.2-12.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-base-5.18.2-12.3.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP2",
"product_id": "SUSE Linux Enterprise Desktop 12 SP2:perl-base-5.18.2-12.3.1.x86_64"
},
"product_reference": "perl-base-5.18.2-12.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-doc-5.18.2-12.3.1.noarch as component of SUSE Linux Enterprise Desktop 12 SP2",
"product_id": "SUSE Linux Enterprise Desktop 12 SP2:perl-doc-5.18.2-12.3.1.noarch"
},
"product_reference": "perl-doc-5.18.2-12.3.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-5.18.2-12.3.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP3",
"product_id": "SUSE Linux Enterprise Desktop 12 SP3:perl-5.18.2-12.3.1.x86_64"
},
"product_reference": "perl-5.18.2-12.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-32bit-5.18.2-12.3.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP3",
"product_id": "SUSE Linux Enterprise Desktop 12 SP3:perl-32bit-5.18.2-12.3.1.x86_64"
},
"product_reference": "perl-32bit-5.18.2-12.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-base-5.18.2-12.3.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP3",
"product_id": "SUSE Linux Enterprise Desktop 12 SP3:perl-base-5.18.2-12.3.1.x86_64"
},
"product_reference": "perl-base-5.18.2-12.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-doc-5.18.2-12.3.1.noarch as component of SUSE Linux Enterprise Desktop 12 SP3",
"product_id": "SUSE Linux Enterprise Desktop 12 SP3:perl-doc-5.18.2-12.3.1.noarch"
},
"product_reference": "perl-doc-5.18.2-12.3.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-5.18.2-12.3.1.aarch64 as component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2",
"product_id": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:perl-5.18.2-12.3.1.aarch64"
},
"product_reference": "perl-5.18.2-12.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-base-5.18.2-12.3.1.aarch64 as component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2",
"product_id": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:perl-base-5.18.2-12.3.1.aarch64"
},
"product_reference": "perl-base-5.18.2-12.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-doc-5.18.2-12.3.1.noarch as component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2",
"product_id": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:perl-doc-5.18.2-12.3.1.noarch"
},
"product_reference": "perl-doc-5.18.2-12.3.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-5.18.2-12.3.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:perl-5.18.2-12.3.1.aarch64"
},
"product_reference": "perl-5.18.2-12.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-5.18.2-12.3.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:perl-5.18.2-12.3.1.ppc64le"
},
"product_reference": "perl-5.18.2-12.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-5.18.2-12.3.1.s390x as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:perl-5.18.2-12.3.1.s390x"
},
"product_reference": "perl-5.18.2-12.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-5.18.2-12.3.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:perl-5.18.2-12.3.1.x86_64"
},
"product_reference": "perl-5.18.2-12.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-32bit-5.18.2-12.3.1.s390x as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:perl-32bit-5.18.2-12.3.1.s390x"
},
"product_reference": "perl-32bit-5.18.2-12.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-32bit-5.18.2-12.3.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:perl-32bit-5.18.2-12.3.1.x86_64"
},
"product_reference": "perl-32bit-5.18.2-12.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-base-5.18.2-12.3.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:perl-base-5.18.2-12.3.1.aarch64"
},
"product_reference": "perl-base-5.18.2-12.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-base-5.18.2-12.3.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:perl-base-5.18.2-12.3.1.ppc64le"
},
"product_reference": "perl-base-5.18.2-12.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-base-5.18.2-12.3.1.s390x as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:perl-base-5.18.2-12.3.1.s390x"
},
"product_reference": "perl-base-5.18.2-12.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-base-5.18.2-12.3.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:perl-base-5.18.2-12.3.1.x86_64"
},
"product_reference": "perl-base-5.18.2-12.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-doc-5.18.2-12.3.1.noarch as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:perl-doc-5.18.2-12.3.1.noarch"
},
"product_reference": "perl-doc-5.18.2-12.3.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-5.18.2-12.3.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-5.18.2-12.3.1.aarch64"
},
"product_reference": "perl-5.18.2-12.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-5.18.2-12.3.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-5.18.2-12.3.1.ppc64le"
},
"product_reference": "perl-5.18.2-12.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-5.18.2-12.3.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-5.18.2-12.3.1.s390x"
},
"product_reference": "perl-5.18.2-12.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-5.18.2-12.3.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-5.18.2-12.3.1.x86_64"
},
"product_reference": "perl-5.18.2-12.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-32bit-5.18.2-12.3.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-32bit-5.18.2-12.3.1.s390x"
},
"product_reference": "perl-32bit-5.18.2-12.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-32bit-5.18.2-12.3.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-32bit-5.18.2-12.3.1.x86_64"
},
"product_reference": "perl-32bit-5.18.2-12.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-base-5.18.2-12.3.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-base-5.18.2-12.3.1.aarch64"
},
"product_reference": "perl-base-5.18.2-12.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-base-5.18.2-12.3.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-base-5.18.2-12.3.1.ppc64le"
},
"product_reference": "perl-base-5.18.2-12.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-base-5.18.2-12.3.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-base-5.18.2-12.3.1.s390x"
},
"product_reference": "perl-base-5.18.2-12.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-base-5.18.2-12.3.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-base-5.18.2-12.3.1.x86_64"
},
"product_reference": "perl-base-5.18.2-12.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-doc-5.18.2-12.3.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-doc-5.18.2-12.3.1.noarch"
},
"product_reference": "perl-doc-5.18.2-12.3.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-5.18.2-12.3.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:perl-5.18.2-12.3.1.aarch64"
},
"product_reference": "perl-5.18.2-12.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-5.18.2-12.3.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:perl-5.18.2-12.3.1.ppc64le"
},
"product_reference": "perl-5.18.2-12.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-5.18.2-12.3.1.s390x as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:perl-5.18.2-12.3.1.s390x"
},
"product_reference": "perl-5.18.2-12.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-5.18.2-12.3.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:perl-5.18.2-12.3.1.x86_64"
},
"product_reference": "perl-5.18.2-12.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-32bit-5.18.2-12.3.1.s390x as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:perl-32bit-5.18.2-12.3.1.s390x"
},
"product_reference": "perl-32bit-5.18.2-12.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-32bit-5.18.2-12.3.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:perl-32bit-5.18.2-12.3.1.x86_64"
},
"product_reference": "perl-32bit-5.18.2-12.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-base-5.18.2-12.3.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:perl-base-5.18.2-12.3.1.aarch64"
},
"product_reference": "perl-base-5.18.2-12.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-base-5.18.2-12.3.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:perl-base-5.18.2-12.3.1.ppc64le"
},
"product_reference": "perl-base-5.18.2-12.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-base-5.18.2-12.3.1.s390x as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:perl-base-5.18.2-12.3.1.s390x"
},
"product_reference": "perl-base-5.18.2-12.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-base-5.18.2-12.3.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:perl-base-5.18.2-12.3.1.x86_64"
},
"product_reference": "perl-base-5.18.2-12.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-doc-5.18.2-12.3.1.noarch as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:perl-doc-5.18.2-12.3.1.noarch"
},
"product_reference": "perl-doc-5.18.2-12.3.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-5.18.2-12.3.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-5.18.2-12.3.1.aarch64"
},
"product_reference": "perl-5.18.2-12.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-5.18.2-12.3.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-5.18.2-12.3.1.ppc64le"
},
"product_reference": "perl-5.18.2-12.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-5.18.2-12.3.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-5.18.2-12.3.1.s390x"
},
"product_reference": "perl-5.18.2-12.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-5.18.2-12.3.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-5.18.2-12.3.1.x86_64"
},
"product_reference": "perl-5.18.2-12.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-32bit-5.18.2-12.3.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-32bit-5.18.2-12.3.1.s390x"
},
"product_reference": "perl-32bit-5.18.2-12.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-32bit-5.18.2-12.3.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-32bit-5.18.2-12.3.1.x86_64"
},
"product_reference": "perl-32bit-5.18.2-12.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-base-5.18.2-12.3.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-base-5.18.2-12.3.1.aarch64"
},
"product_reference": "perl-base-5.18.2-12.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-base-5.18.2-12.3.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-base-5.18.2-12.3.1.ppc64le"
},
"product_reference": "perl-base-5.18.2-12.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-base-5.18.2-12.3.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-base-5.18.2-12.3.1.s390x"
},
"product_reference": "perl-base-5.18.2-12.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-base-5.18.2-12.3.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-base-5.18.2-12.3.1.x86_64"
},
"product_reference": "perl-base-5.18.2-12.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-doc-5.18.2-12.3.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-doc-5.18.2-12.3.1.noarch"
},
"product_reference": "perl-doc-5.18.2-12.3.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-12837",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-12837"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in the S_regatom function in regcomp.c in Perl 5 before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to cause a denial of service (out-of-bounds write) via a regular expression with a \u0027\\N{}\u0027 escape and the case-insensitive modifier.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:perl-32bit-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:perl-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:perl-base-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:perl-doc-5.18.2-12.3.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:perl-32bit-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:perl-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:perl-base-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:perl-doc-5.18.2-12.3.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:perl-32bit-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:perl-32bit-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:perl-5.18.2-12.3.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:perl-5.18.2-12.3.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:perl-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:perl-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:perl-base-5.18.2-12.3.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:perl-base-5.18.2-12.3.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:perl-base-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:perl-base-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:perl-doc-5.18.2-12.3.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:perl-32bit-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:perl-32bit-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:perl-5.18.2-12.3.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:perl-5.18.2-12.3.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:perl-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:perl-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:perl-base-5.18.2-12.3.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:perl-base-5.18.2-12.3.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:perl-base-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:perl-base-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:perl-doc-5.18.2-12.3.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:perl-5.18.2-12.3.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:perl-base-5.18.2-12.3.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:perl-doc-5.18.2-12.3.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-32bit-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-32bit-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-5.18.2-12.3.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-5.18.2-12.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-base-5.18.2-12.3.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-base-5.18.2-12.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-base-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-base-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-doc-5.18.2-12.3.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-32bit-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-32bit-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-5.18.2-12.3.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-5.18.2-12.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-base-5.18.2-12.3.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-base-5.18.2-12.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-base-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-base-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-doc-5.18.2-12.3.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-12837",
"url": "https://www.suse.com/security/cve/CVE-2017-12837"
},
{
"category": "external",
"summary": "SUSE Bug 1057724 for CVE-2017-12837",
"url": "https://bugzilla.suse.com/1057724"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:perl-32bit-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:perl-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:perl-base-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:perl-doc-5.18.2-12.3.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:perl-32bit-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:perl-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:perl-base-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:perl-doc-5.18.2-12.3.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:perl-32bit-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:perl-32bit-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:perl-5.18.2-12.3.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:perl-5.18.2-12.3.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:perl-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:perl-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:perl-base-5.18.2-12.3.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:perl-base-5.18.2-12.3.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:perl-base-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:perl-base-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:perl-doc-5.18.2-12.3.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:perl-32bit-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:perl-32bit-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:perl-5.18.2-12.3.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:perl-5.18.2-12.3.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:perl-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:perl-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:perl-base-5.18.2-12.3.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:perl-base-5.18.2-12.3.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:perl-base-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:perl-base-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:perl-doc-5.18.2-12.3.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:perl-5.18.2-12.3.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:perl-base-5.18.2-12.3.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:perl-doc-5.18.2-12.3.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-32bit-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-32bit-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-5.18.2-12.3.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-5.18.2-12.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-base-5.18.2-12.3.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-base-5.18.2-12.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-base-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-base-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-doc-5.18.2-12.3.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-32bit-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-32bit-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-5.18.2-12.3.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-5.18.2-12.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-base-5.18.2-12.3.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-base-5.18.2-12.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-base-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-base-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-doc-5.18.2-12.3.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:perl-32bit-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:perl-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:perl-base-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:perl-doc-5.18.2-12.3.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:perl-32bit-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:perl-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:perl-base-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:perl-doc-5.18.2-12.3.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:perl-32bit-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:perl-32bit-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:perl-5.18.2-12.3.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:perl-5.18.2-12.3.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:perl-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:perl-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:perl-base-5.18.2-12.3.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:perl-base-5.18.2-12.3.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:perl-base-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:perl-base-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:perl-doc-5.18.2-12.3.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:perl-32bit-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:perl-32bit-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:perl-5.18.2-12.3.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:perl-5.18.2-12.3.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:perl-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:perl-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:perl-base-5.18.2-12.3.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:perl-base-5.18.2-12.3.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:perl-base-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:perl-base-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:perl-doc-5.18.2-12.3.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:perl-5.18.2-12.3.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:perl-base-5.18.2-12.3.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:perl-doc-5.18.2-12.3.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-32bit-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-32bit-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-5.18.2-12.3.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-5.18.2-12.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-base-5.18.2-12.3.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-base-5.18.2-12.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-base-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-base-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-doc-5.18.2-12.3.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-32bit-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-32bit-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-5.18.2-12.3.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-5.18.2-12.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-base-5.18.2-12.3.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-base-5.18.2-12.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-base-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-base-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-doc-5.18.2-12.3.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-11-24T15:19:55Z",
"details": "low"
}
],
"title": "CVE-2017-12837"
},
{
"cve": "CVE-2017-12883",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-12883"
}
],
"notes": [
{
"category": "general",
"text": "Buffer overflow in the S_grok_bslash_N function in regcomp.c in Perl 5 before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to disclose sensitive information or cause a denial of service (application crash) via a crafted regular expression with an invalid \u0027\\N{U+...}\u0027 escape.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:perl-32bit-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:perl-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:perl-base-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:perl-doc-5.18.2-12.3.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:perl-32bit-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:perl-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:perl-base-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:perl-doc-5.18.2-12.3.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:perl-32bit-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:perl-32bit-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:perl-5.18.2-12.3.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:perl-5.18.2-12.3.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:perl-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:perl-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:perl-base-5.18.2-12.3.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:perl-base-5.18.2-12.3.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:perl-base-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:perl-base-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:perl-doc-5.18.2-12.3.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:perl-32bit-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:perl-32bit-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:perl-5.18.2-12.3.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:perl-5.18.2-12.3.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:perl-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:perl-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:perl-base-5.18.2-12.3.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:perl-base-5.18.2-12.3.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:perl-base-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:perl-base-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:perl-doc-5.18.2-12.3.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:perl-5.18.2-12.3.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:perl-base-5.18.2-12.3.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:perl-doc-5.18.2-12.3.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-32bit-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-32bit-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-5.18.2-12.3.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-5.18.2-12.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-base-5.18.2-12.3.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-base-5.18.2-12.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-base-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-base-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-doc-5.18.2-12.3.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-32bit-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-32bit-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-5.18.2-12.3.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-5.18.2-12.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-base-5.18.2-12.3.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-base-5.18.2-12.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-base-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-base-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-doc-5.18.2-12.3.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-12883",
"url": "https://www.suse.com/security/cve/CVE-2017-12883"
},
{
"category": "external",
"summary": "SUSE Bug 1057721 for CVE-2017-12883",
"url": "https://bugzilla.suse.com/1057721"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:perl-32bit-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:perl-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:perl-base-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:perl-doc-5.18.2-12.3.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:perl-32bit-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:perl-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:perl-base-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:perl-doc-5.18.2-12.3.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:perl-32bit-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:perl-32bit-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:perl-5.18.2-12.3.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:perl-5.18.2-12.3.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:perl-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:perl-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:perl-base-5.18.2-12.3.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:perl-base-5.18.2-12.3.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:perl-base-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:perl-base-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:perl-doc-5.18.2-12.3.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:perl-32bit-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:perl-32bit-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:perl-5.18.2-12.3.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:perl-5.18.2-12.3.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:perl-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:perl-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:perl-base-5.18.2-12.3.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:perl-base-5.18.2-12.3.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:perl-base-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:perl-base-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:perl-doc-5.18.2-12.3.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:perl-5.18.2-12.3.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:perl-base-5.18.2-12.3.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:perl-doc-5.18.2-12.3.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-32bit-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-32bit-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-5.18.2-12.3.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-5.18.2-12.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-base-5.18.2-12.3.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-base-5.18.2-12.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-base-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-base-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-doc-5.18.2-12.3.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-32bit-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-32bit-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-5.18.2-12.3.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-5.18.2-12.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-base-5.18.2-12.3.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-base-5.18.2-12.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-base-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-base-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-doc-5.18.2-12.3.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:perl-32bit-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:perl-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:perl-base-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:perl-doc-5.18.2-12.3.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:perl-32bit-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:perl-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:perl-base-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:perl-doc-5.18.2-12.3.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:perl-32bit-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:perl-32bit-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:perl-5.18.2-12.3.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:perl-5.18.2-12.3.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:perl-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:perl-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:perl-base-5.18.2-12.3.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:perl-base-5.18.2-12.3.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:perl-base-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:perl-base-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:perl-doc-5.18.2-12.3.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:perl-32bit-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:perl-32bit-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:perl-5.18.2-12.3.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:perl-5.18.2-12.3.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:perl-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:perl-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:perl-base-5.18.2-12.3.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:perl-base-5.18.2-12.3.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:perl-base-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:perl-base-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:perl-doc-5.18.2-12.3.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:perl-5.18.2-12.3.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:perl-base-5.18.2-12.3.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:perl-doc-5.18.2-12.3.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-32bit-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-32bit-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-5.18.2-12.3.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-5.18.2-12.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-base-5.18.2-12.3.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-base-5.18.2-12.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-base-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-base-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-doc-5.18.2-12.3.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-32bit-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-32bit-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-5.18.2-12.3.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-5.18.2-12.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-base-5.18.2-12.3.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-base-5.18.2-12.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-base-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-base-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-doc-5.18.2-12.3.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-11-24T15:19:55Z",
"details": "moderate"
}
],
"title": "CVE-2017-12883"
},
{
"cve": "CVE-2017-6512",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-6512"
}
],
"notes": [
{
"category": "general",
"text": "Race condition in the rmtree and remove_tree functions in the File-Path module before 2.13 for Perl allows attackers to set the mode on arbitrary files via vectors involving directory-permission loosening logic.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP2:perl-32bit-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:perl-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:perl-base-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:perl-doc-5.18.2-12.3.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:perl-32bit-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:perl-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:perl-base-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:perl-doc-5.18.2-12.3.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:perl-32bit-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:perl-32bit-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:perl-5.18.2-12.3.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:perl-5.18.2-12.3.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:perl-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:perl-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:perl-base-5.18.2-12.3.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:perl-base-5.18.2-12.3.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:perl-base-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:perl-base-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:perl-doc-5.18.2-12.3.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:perl-32bit-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:perl-32bit-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:perl-5.18.2-12.3.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:perl-5.18.2-12.3.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:perl-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:perl-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:perl-base-5.18.2-12.3.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:perl-base-5.18.2-12.3.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:perl-base-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:perl-base-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:perl-doc-5.18.2-12.3.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:perl-5.18.2-12.3.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:perl-base-5.18.2-12.3.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:perl-doc-5.18.2-12.3.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-32bit-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-32bit-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-5.18.2-12.3.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-5.18.2-12.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-base-5.18.2-12.3.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-base-5.18.2-12.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-base-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-base-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-doc-5.18.2-12.3.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-32bit-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-32bit-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-5.18.2-12.3.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-5.18.2-12.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-base-5.18.2-12.3.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-base-5.18.2-12.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-base-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-base-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-doc-5.18.2-12.3.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-6512",
"url": "https://www.suse.com/security/cve/CVE-2017-6512"
},
{
"category": "external",
"summary": "SUSE Bug 1042218 for CVE-2017-6512",
"url": "https://bugzilla.suse.com/1042218"
},
{
"category": "external",
"summary": "SUSE Bug 1047178 for CVE-2017-6512",
"url": "https://bugzilla.suse.com/1047178"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP2:perl-32bit-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:perl-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:perl-base-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:perl-doc-5.18.2-12.3.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:perl-32bit-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:perl-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:perl-base-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:perl-doc-5.18.2-12.3.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:perl-32bit-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:perl-32bit-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:perl-5.18.2-12.3.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:perl-5.18.2-12.3.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:perl-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:perl-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:perl-base-5.18.2-12.3.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:perl-base-5.18.2-12.3.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:perl-base-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:perl-base-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:perl-doc-5.18.2-12.3.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:perl-32bit-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:perl-32bit-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:perl-5.18.2-12.3.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:perl-5.18.2-12.3.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:perl-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:perl-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:perl-base-5.18.2-12.3.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:perl-base-5.18.2-12.3.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:perl-base-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:perl-base-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:perl-doc-5.18.2-12.3.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:perl-5.18.2-12.3.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:perl-base-5.18.2-12.3.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:perl-doc-5.18.2-12.3.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-32bit-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-32bit-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-5.18.2-12.3.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-5.18.2-12.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-base-5.18.2-12.3.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-base-5.18.2-12.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-base-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-base-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-doc-5.18.2-12.3.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-32bit-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-32bit-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-5.18.2-12.3.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-5.18.2-12.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-base-5.18.2-12.3.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-base-5.18.2-12.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-base-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-base-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-doc-5.18.2-12.3.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP2:perl-32bit-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:perl-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:perl-base-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP2:perl-doc-5.18.2-12.3.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:perl-32bit-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:perl-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:perl-base-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:perl-doc-5.18.2-12.3.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:perl-32bit-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:perl-32bit-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:perl-5.18.2-12.3.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:perl-5.18.2-12.3.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:perl-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:perl-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:perl-base-5.18.2-12.3.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:perl-base-5.18.2-12.3.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:perl-base-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:perl-base-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:perl-doc-5.18.2-12.3.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:perl-32bit-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:perl-32bit-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:perl-5.18.2-12.3.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:perl-5.18.2-12.3.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:perl-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:perl-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:perl-base-5.18.2-12.3.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:perl-base-5.18.2-12.3.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:perl-base-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:perl-base-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:perl-doc-5.18.2-12.3.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:perl-5.18.2-12.3.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:perl-base-5.18.2-12.3.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:perl-doc-5.18.2-12.3.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-32bit-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-32bit-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-5.18.2-12.3.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-5.18.2-12.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-base-5.18.2-12.3.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-base-5.18.2-12.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-base-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-base-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:perl-doc-5.18.2-12.3.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-32bit-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-32bit-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-5.18.2-12.3.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-5.18.2-12.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-base-5.18.2-12.3.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-base-5.18.2-12.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-base-5.18.2-12.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-base-5.18.2-12.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:perl-doc-5.18.2-12.3.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-11-24T15:19:55Z",
"details": "moderate"
}
],
"title": "CVE-2017-6512"
}
]
}
opensuse-su-2024:11158-1
Vulnerability from csaf_opensuse
Published
2024-06-15 00:00
Modified
2024-06-15 00:00
Summary
perl-32bit-5.34.0-1.1 on GA media
Notes
Title of the patch
perl-32bit-5.34.0-1.1 on GA media
Description of the patch
These are all security issues fixed in the perl-32bit-5.34.0-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2024-11158
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "perl-32bit-5.34.0-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the perl-32bit-5.34.0-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-11158",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_11158-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2005-3962 page",
"url": "https://www.suse.com/security/cve/CVE-2005-3962/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2007-5116 page",
"url": "https://www.suse.com/security/cve/CVE-2007-5116/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-12814 page",
"url": "https://www.suse.com/security/cve/CVE-2017-12814/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-12837 page",
"url": "https://www.suse.com/security/cve/CVE-2017-12837/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-12883 page",
"url": "https://www.suse.com/security/cve/CVE-2017-12883/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-18311 page",
"url": "https://www.suse.com/security/cve/CVE-2018-18311/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-18312 page",
"url": "https://www.suse.com/security/cve/CVE-2018-18312/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-10543 page",
"url": "https://www.suse.com/security/cve/CVE-2020-10543/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-10878 page",
"url": "https://www.suse.com/security/cve/CVE-2020-10878/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-12723 page",
"url": "https://www.suse.com/security/cve/CVE-2020-12723/"
}
],
"title": "perl-32bit-5.34.0-1.1 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:11158-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "perl-5.34.0-1.1.aarch64",
"product": {
"name": "perl-5.34.0-1.1.aarch64",
"product_id": "perl-5.34.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "perl-32bit-5.34.0-1.1.aarch64",
"product": {
"name": "perl-32bit-5.34.0-1.1.aarch64",
"product_id": "perl-32bit-5.34.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "perl-base-5.34.0-1.1.aarch64",
"product": {
"name": "perl-base-5.34.0-1.1.aarch64",
"product_id": "perl-base-5.34.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "perl-base-32bit-5.34.0-1.1.aarch64",
"product": {
"name": "perl-base-32bit-5.34.0-1.1.aarch64",
"product_id": "perl-base-32bit-5.34.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "perl-doc-5.34.0-1.1.aarch64",
"product": {
"name": "perl-doc-5.34.0-1.1.aarch64",
"product_id": "perl-doc-5.34.0-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "perl-5.34.0-1.1.ppc64le",
"product": {
"name": "perl-5.34.0-1.1.ppc64le",
"product_id": "perl-5.34.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "perl-32bit-5.34.0-1.1.ppc64le",
"product": {
"name": "perl-32bit-5.34.0-1.1.ppc64le",
"product_id": "perl-32bit-5.34.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "perl-base-5.34.0-1.1.ppc64le",
"product": {
"name": "perl-base-5.34.0-1.1.ppc64le",
"product_id": "perl-base-5.34.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "perl-base-32bit-5.34.0-1.1.ppc64le",
"product": {
"name": "perl-base-32bit-5.34.0-1.1.ppc64le",
"product_id": "perl-base-32bit-5.34.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "perl-doc-5.34.0-1.1.ppc64le",
"product": {
"name": "perl-doc-5.34.0-1.1.ppc64le",
"product_id": "perl-doc-5.34.0-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "perl-5.34.0-1.1.s390x",
"product": {
"name": "perl-5.34.0-1.1.s390x",
"product_id": "perl-5.34.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "perl-32bit-5.34.0-1.1.s390x",
"product": {
"name": "perl-32bit-5.34.0-1.1.s390x",
"product_id": "perl-32bit-5.34.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "perl-base-5.34.0-1.1.s390x",
"product": {
"name": "perl-base-5.34.0-1.1.s390x",
"product_id": "perl-base-5.34.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "perl-base-32bit-5.34.0-1.1.s390x",
"product": {
"name": "perl-base-32bit-5.34.0-1.1.s390x",
"product_id": "perl-base-32bit-5.34.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "perl-doc-5.34.0-1.1.s390x",
"product": {
"name": "perl-doc-5.34.0-1.1.s390x",
"product_id": "perl-doc-5.34.0-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "perl-5.34.0-1.1.x86_64",
"product": {
"name": "perl-5.34.0-1.1.x86_64",
"product_id": "perl-5.34.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "perl-32bit-5.34.0-1.1.x86_64",
"product": {
"name": "perl-32bit-5.34.0-1.1.x86_64",
"product_id": "perl-32bit-5.34.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "perl-base-5.34.0-1.1.x86_64",
"product": {
"name": "perl-base-5.34.0-1.1.x86_64",
"product_id": "perl-base-5.34.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "perl-base-32bit-5.34.0-1.1.x86_64",
"product": {
"name": "perl-base-32bit-5.34.0-1.1.x86_64",
"product_id": "perl-base-32bit-5.34.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "perl-doc-5.34.0-1.1.x86_64",
"product": {
"name": "perl-doc-5.34.0-1.1.x86_64",
"product_id": "perl-doc-5.34.0-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-5.34.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:perl-5.34.0-1.1.aarch64"
},
"product_reference": "perl-5.34.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-5.34.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:perl-5.34.0-1.1.ppc64le"
},
"product_reference": "perl-5.34.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-5.34.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:perl-5.34.0-1.1.s390x"
},
"product_reference": "perl-5.34.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-5.34.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:perl-5.34.0-1.1.x86_64"
},
"product_reference": "perl-5.34.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-32bit-5.34.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.aarch64"
},
"product_reference": "perl-32bit-5.34.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-32bit-5.34.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.ppc64le"
},
"product_reference": "perl-32bit-5.34.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-32bit-5.34.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.s390x"
},
"product_reference": "perl-32bit-5.34.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-32bit-5.34.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.x86_64"
},
"product_reference": "perl-32bit-5.34.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-base-5.34.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:perl-base-5.34.0-1.1.aarch64"
},
"product_reference": "perl-base-5.34.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-base-5.34.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:perl-base-5.34.0-1.1.ppc64le"
},
"product_reference": "perl-base-5.34.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-base-5.34.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:perl-base-5.34.0-1.1.s390x"
},
"product_reference": "perl-base-5.34.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-base-5.34.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:perl-base-5.34.0-1.1.x86_64"
},
"product_reference": "perl-base-5.34.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-base-32bit-5.34.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.aarch64"
},
"product_reference": "perl-base-32bit-5.34.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-base-32bit-5.34.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.ppc64le"
},
"product_reference": "perl-base-32bit-5.34.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-base-32bit-5.34.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.s390x"
},
"product_reference": "perl-base-32bit-5.34.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-base-32bit-5.34.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.x86_64"
},
"product_reference": "perl-base-32bit-5.34.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-doc-5.34.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.aarch64"
},
"product_reference": "perl-doc-5.34.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-doc-5.34.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.ppc64le"
},
"product_reference": "perl-doc-5.34.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-doc-5.34.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.s390x"
},
"product_reference": "perl-doc-5.34.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perl-doc-5.34.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:perl-doc-5.34.0-1.1.x86_64"
},
"product_reference": "perl-doc-5.34.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2005-3962",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2005-3962"
}
],
"notes": [
{
"category": "general",
"text": "Integer overflow in the format string functionality (Perl_sv_vcatpvfn) in Perl 5.9.2 and 5.8.6 Perl allows attackers to overwrite arbitrary memory and possibly execute arbitrary code via format string specifiers with large values, which causes an integer wrap and leads to a buffer overflow, as demonstrated using format string vulnerabilities in Perl applications.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2005-3962",
"url": "https://www.suse.com/security/cve/CVE-2005-3962"
},
{
"category": "external",
"summary": "SUSE Bug 136360 for CVE-2005-3962",
"url": "https://bugzilla.suse.com/136360"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2005-3962"
},
{
"cve": "CVE-2007-5116",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2007-5116"
}
],
"notes": [
{
"category": "general",
"text": "Buffer overflow in the polymorphic opcode support in the Regular Expression Engine (regcomp.c) in Perl 5.8 allows context-dependent attackers to execute arbitrary code by switching from byte to Unicode (UTF) characters in a regular expression.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2007-5116",
"url": "https://www.suse.com/security/cve/CVE-2007-5116"
},
{
"category": "external",
"summary": "SUSE Bug 332199 for CVE-2007-5116",
"url": "https://bugzilla.suse.com/332199"
},
{
"category": "external",
"summary": "SUSE Bug 372331 for CVE-2007-5116",
"url": "https://bugzilla.suse.com/372331"
},
{
"category": "external",
"summary": "SUSE Bug 915514 for CVE-2007-5116",
"url": "https://bugzilla.suse.com/915514"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2007-5116"
},
{
"cve": "CVE-2017-12814",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-12814"
}
],
"notes": [
{
"category": "general",
"text": "Stack-based buffer overflow in the CPerlHost::Add method in win32/perlhost.h in Perl before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 on Windows allows attackers to execute arbitrary code via a long environment variable.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-12814",
"url": "https://www.suse.com/security/cve/CVE-2017-12814"
},
{
"category": "external",
"summary": "SUSE Bug 1057727 for CVE-2017-12814",
"url": "https://bugzilla.suse.com/1057727"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2017-12814"
},
{
"cve": "CVE-2017-12837",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-12837"
}
],
"notes": [
{
"category": "general",
"text": "Heap-based buffer overflow in the S_regatom function in regcomp.c in Perl 5 before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to cause a denial of service (out-of-bounds write) via a regular expression with a \u0027\\N{}\u0027 escape and the case-insensitive modifier.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-12837",
"url": "https://www.suse.com/security/cve/CVE-2017-12837"
},
{
"category": "external",
"summary": "SUSE Bug 1057724 for CVE-2017-12837",
"url": "https://bugzilla.suse.com/1057724"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2017-12837"
},
{
"cve": "CVE-2017-12883",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-12883"
}
],
"notes": [
{
"category": "general",
"text": "Buffer overflow in the S_grok_bslash_N function in regcomp.c in Perl 5 before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to disclose sensitive information or cause a denial of service (application crash) via a crafted regular expression with an invalid \u0027\\N{U+...}\u0027 escape.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-12883",
"url": "https://www.suse.com/security/cve/CVE-2017-12883"
},
{
"category": "external",
"summary": "SUSE Bug 1057721 for CVE-2017-12883",
"url": "https://bugzilla.suse.com/1057721"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2017-12883"
},
{
"cve": "CVE-2018-18311",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-18311"
}
],
"notes": [
{
"category": "general",
"text": "Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-18311",
"url": "https://www.suse.com/security/cve/CVE-2018-18311"
},
{
"category": "external",
"summary": "SUSE Bug 1114674 for CVE-2018-18311",
"url": "https://bugzilla.suse.com/1114674"
},
{
"category": "external",
"summary": "SUSE Bug 1132018 for CVE-2018-18311",
"url": "https://bugzilla.suse.com/1132018"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2018-18311"
},
{
"cve": "CVE-2018-18312",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-18312"
}
],
"notes": [
{
"category": "general",
"text": "Perl before 5.26.3 and 5.28.0 before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-18312",
"url": "https://www.suse.com/security/cve/CVE-2018-18312"
},
{
"category": "external",
"summary": "SUSE Bug 1114675 for CVE-2018-18312",
"url": "https://bugzilla.suse.com/1114675"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2018-18312"
},
{
"cve": "CVE-2020-10543",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-10543"
}
],
"notes": [
{
"category": "general",
"text": "Perl before 5.30.3 on 32-bit platforms allows a heap-based buffer overflow because nested regular expression quantifiers have an integer overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-10543",
"url": "https://www.suse.com/security/cve/CVE-2020-10543"
},
{
"category": "external",
"summary": "SUSE Bug 1171863 for CVE-2020-10543",
"url": "https://bugzilla.suse.com/1171863"
},
{
"category": "external",
"summary": "SUSE Bug 1225627 for CVE-2020-10543",
"url": "https://bugzilla.suse.com/1225627"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2020-10543"
},
{
"cve": "CVE-2020-10878",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-10878"
}
],
"notes": [
{
"category": "general",
"text": "Perl before 5.30.3 has an integer overflow related to mishandling of a \"PL_regkind[OP(n)] == NOTHING\" situation. A crafted regular expression could lead to malformed bytecode with a possibility of instruction injection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-10878",
"url": "https://www.suse.com/security/cve/CVE-2020-10878"
},
{
"category": "external",
"summary": "SUSE Bug 1171864 for CVE-2020-10878",
"url": "https://bugzilla.suse.com/1171864"
},
{
"category": "external",
"summary": "SUSE Bug 1225627 for CVE-2020-10878",
"url": "https://bugzilla.suse.com/1225627"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2020-10878"
},
{
"cve": "CVE-2020-12723",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-12723"
}
],
"notes": [
{
"category": "general",
"text": "regcomp.c in Perl before 5.30.3 allows a buffer overflow via a crafted regular expression because of recursive S_study_chunk calls.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-12723",
"url": "https://www.suse.com/security/cve/CVE-2020-12723"
},
{
"category": "external",
"summary": "SUSE Bug 1171866 for CVE-2020-12723",
"url": "https://bugzilla.suse.com/1171866"
},
{
"category": "external",
"summary": "SUSE Bug 1225627 for CVE-2020-12723",
"url": "https://bugzilla.suse.com/1225627"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-32bit-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-base-32bit-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-base-5.34.0-1.1.x86_64",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.aarch64",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.s390x",
"openSUSE Tumbleweed:perl-doc-5.34.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2020-12723"
}
]
}
ghsa-q52c-c9hv-jc77
Vulnerability from github
Published
2022-05-13 01:25
Modified
2025-04-20 03:45
Severity ?
VLAI Severity ?
Details
Heap-based buffer overflow in the S_regatom function in regcomp.c in Perl 5 before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to cause a denial of service (out-of-bounds write) via a regular expression with a '\N{}' escape and the case-insensitive modifier.
{
"affected": [],
"aliases": [
"CVE-2017-12837"
],
"database_specific": {
"cwe_ids": [
"CWE-119"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-09-19T18:29:00Z",
"severity": "HIGH"
},
"details": "Heap-based buffer overflow in the S_regatom function in regcomp.c in Perl 5 before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to cause a denial of service (out-of-bounds write) via a regular expression with a \u0027\\N{}\u0027 escape and the case-insensitive modifier.",
"id": "GHSA-q52c-c9hv-jc77",
"modified": "2025-04-20T03:45:31Z",
"published": "2022-05-13T01:25:18Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12837"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1492091"
},
{
"type": "WEB",
"url": "https://perl5.git.perl.org/perl.git/commitdiff/96c83ed78aeea1a0496dd2b2d935869a822dc8a5"
},
{
"type": "WEB",
"url": "https://perl5.git.perl.org/perl.git/log/refs/tags/v5.24.3-RC1"
},
{
"type": "WEB",
"url": "https://perl5.git.perl.org/perl.git/log/refs/tags/v5.26.1-RC1"
},
{
"type": "WEB",
"url": "https://rt.perl.org/Public/Bug/Display.html?id=131582"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20180426-0001"
},
{
"type": "WEB",
"url": "https://www.oracle.com/security-alerts/cpujul2020.html"
},
{
"type": "WEB",
"url": "http://www.debian.org/security/2017/dsa-3982"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/100860"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…