Security Advisories (24)

CVE-2026-8376 (2026-05-25)

Perl versions through 5.43.10 have a heap buffer overflow when compiling regular expressions with a repeated fixed string on 32-bit builds. Perl_study_chunk in regcomp_study.c checked the size of the joined substring buffer in characters rather than bytes. For a quantified fixed substring with a large minimum count, the byte length mincount * l could overflow SSize_t, producing an undersized SvGROW allocation; the subsequent copy writes past the end of the buffer. A caller that compiles an attacker-controlled regular expression on a 32-bit perl build triggers a heap buffer overflow at compile time.

https://github.com/Perl/perl5/commit/5e7f119eb2bb1181be908701f22bf7068e722f1c.patch

CVE-2016-1238 (2016-08-02)

(1) cpan/Archive-Tar/bin/ptar, (2) cpan/Archive-Tar/bin/ptardiff, (3) cpan/Archive-Tar/bin/ptargrep, (4) cpan/CPAN/scripts/cpan, (5) cpan/Digest-SHA/shasum, (6) cpan/Encode/bin/enc2xs, (7) cpan/Encode/bin/encguess, (8) cpan/Encode/bin/piconv, (9) cpan/Encode/bin/ucmlint, (10) cpan/Encode/bin/unidump, (11) cpan/ExtUtils-MakeMaker/bin/instmodsh, (12) cpan/IO-Compress/bin/zipdetails, (13) cpan/JSON-PP/bin/json_pp, (14) cpan/Test-Harness/bin/prove, (15) dist/ExtUtils-ParseXS/lib/ExtUtils/xsubpp, (16) dist/Module-CoreList/corelist, (17) ext/Pod-Html/bin/pod2html, (18) utils/c2ph.PL, (19) utils/h2ph.PL, (20) utils/h2xs.PL, (21) utils/libnetcfg.PL, (22) utils/perlbug.PL, (23) utils/perldoc.PL, (24) utils/perlivp.PL, and (25) utils/splain.PL in Perl 5.x before 5.22.3-RC2 and 5.24 before 5.24.1-RC2 do not properly remove . (period) characters from the end of the includes directory array, which might allow local users to gain privileges via a Trojan horse module under the current working directory.

CVE-2023-47039 (2023-10-30)

Perl for Windows relies on the system path environment variable to find the shell (cmd.exe). When running an executable which uses Windows Perl interpreter, Perl attempts to find and execute cmd.exe within the operating system. However, due to path search order issues, Perl initially looks for cmd.exe in the current working directory. An attacker with limited privileges can exploit this behavior by placing cmd.exe in locations with weak permissions, such as C:\ProgramData. By doing so, when an administrator attempts to use this executable from these compromised locations, arbitrary code can be executed.

CVE-2020-10543 (2020-06-05)

Perl before 5.30.3 on 32-bit platforms allows a heap-based buffer overflow because nested regular expression quantifiers have an integer overflow.

CVE-2020-12723 (2020-06-05)

regcomp.c in Perl before 5.30.3 allows a buffer overflow via a crafted regular expression because of recursive S_study_chunk calls.

CVE-2011-0761 (2011-05-13)

Perl 5.10.x allows context-dependent attackers to cause a denial of service (NULL pointer dereference and application crash) by leveraging an ability to inject arguments into a (1) getpeername, (2) readdir, (3) closedir, (4) getsockname, (5) rewinddir, (6) tell, or (7) telldir function call.

CVE-2023-47100

In Perl before 5.38.2, S_parse_uniprop_string in regcomp.c can write to unallocated space because a property name associated with a \p{...} regular expression construct is mishandled. The earliest affected version is 5.30.0.

CVE-2020-10878 (2020-06-05)

Perl before 5.30.3 has an integer overflow related to mishandling of a "PL_regkind[OP(n)] == NOTHING" situation. A crafted regular expression could lead to malformed bytecode with a possibility of instruction injection.

CVE-2018-18313 (2018-12-07)

Perl before 5.26.3 has a buffer over-read via a crafted regular expression that triggers disclosure of sensitive information from process memory.

CVE-2010-4777 (2014-02-10)

The Perl_reg_numbered_buff_fetch function in Perl 5.10.0, 5.12.0, 5.14.0, and other versions, when running with debugging enabled, allows context-dependent attackers to cause a denial of service (assertion failure and application exit) via crafted input that is not properly handled when using certain regular expressions, as demonstrated by causing SpamAssassin and OCSInventory to crash.

CVE-2011-1487 (2011-04-11)

The (1) lc, (2) lcfirst, (3) uc, and (4) ucfirst functions in Perl 5.10.x, 5.11.x, and 5.12.x through 5.12.3, and 5.13.x through 5.13.11, do not apply the taint attribute to the return value upon processing tainted input, which might allow context-dependent attackers to bypass the taint protection mechanism via a crafted string.

CVE-2026-4176 (2026-03-29)

Perl versions from 5.9.4 before 5.40.4-RC1, from 5.41.0 before 5.42.2-RC1, from 5.43.0 before 5.43.9 contain a vulnerable version of Compress::Raw::Zlib. Compress::Raw::Zlib is included in the Perl package as a dual-life core module, and is vulnerable to CVE-2026-3381 due to a vendored version of zlib which has several vulnerabilities, including CVE-2026-27171. The bundled Compress::Raw::Zlib was updated to version 2.221 in Perl blead commit c75ae9cc164205e1b6d6dbd57bd2c65c8593fe94.

CVE-2015-8608 (2017-02-07)

The VDir::MapPathA and VDir::MapPathW functions in Perl 5.22 allow remote attackers to cause a denial of service (out-of-bounds read) and possibly execute arbitrary code via a crafted (1) drive letter or (2) pInName argument.

CVE-2011-2728 (2012-12-21)

The bsd_glob function in the File::Glob module for Perl before 5.14.2 allows context-dependent attackers to cause a denial of service (crash) via a glob expression with the GLOB_ALTDIRFUNC flag, which triggers an uninitialized pointer dereference.

CVE-2018-6913 (2018-04-17)

Heap-based buffer overflow in the pack function in Perl before 5.26.2 allows context-dependent attackers to execute arbitrary code via a large item count.

CVE-2018-18314 (2018-12-07)

Perl before 5.26.3 has a buffer overflow via a crafted regular expression that triggers invalid write operations.

CVE-2018-18312 (2018-12-05)

Perl before 5.26.3 and 5.28.0 before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.

CVE-2018-18311 (2018-12-07)

Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.

CVE-2015-8853 (2016-05-25)

The (1) S_reghop3, (2) S_reghop4, and (3) S_reghopmaybe3 functions in regexec.c in Perl before 5.24.0 allow context-dependent attackers to cause a denial of service (infinite loop) via crafted utf-8 data, as demonstrated by "a\x80."

CVE-2013-1667 (2013-03-14)

The rehash mechanism in Perl 5.8.2 through 5.16.x allows context-dependent attackers to cause a denial of service (memory consumption and crash) via a crafted hash key.

CVE-2009-3626 (2009-10-29)

Perl 5.10.1 allows context-dependent attackers to cause a denial of service (application crash) via a UTF-8 character with a large, invalid codepoint, which is not properly handled during a regular-expression match.

CVE-2012-5195 (2012-12-18)

Heap-based buffer overflow in the Perl_repeatcpy function in util.c in Perl 5.12.x before 5.12.5, 5.14.x before 5.14.3, and 5.15.x before 15.15.5 allows context-dependent attackers to cause a denial of service (memory consumption and crash) or possibly execute arbitrary code via the 'x' string repeat operator.

CVE-2016-2381 (2016-04-08)

Perl might allow context-dependent attackers to bypass the taint protection mechanism in a child process via duplicate environment variables in envp.

CVE-2013-7422 (2015-08-16)

Integer underflow in regcomp.c in Perl before 5.20, as used in Apple OS X before 10.10.5 and other products, allows context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via a long digit string associated with an invalid backreference within a regular expression.

NAME

CPANPLUS::inc

DESCRIPTION

OBSOLETE

NAME

CPANPLUS::inc - runtime inclusion of privately bundled modules

SYNOPSIS

### set up CPANPLUS::inc to do it's thing ###
BEGIN { use CPANPLUS::inc };

### enable debugging ###
use CPANPLUS::inc qw[DEBUG];

DESCRIPTION

This module enables the use of the bundled modules in the CPANPLUS/inc directory of this package. These modules are bundled to make sure CPANPLUS is able to bootstrap itself. It will do the following things:

Put a coderef at the beginning of @INC: This allows us to decide which module to load, and where to find it. For details on what we do, see the INTERESTING MODULES section below. Also see the CAVEATS section.
Add the full path to the CPANPLUS/inc directory to $ENV{PERL5LIB.: This allows us to find our bundled modules even if we spawn off a new process. Although it's not able to do the selective loading as the coderef in @INC could, it's a good fallback.

METHODS

CPANPLUS::inc->inc_path()

Returns the full path to the CPANPLUS/inc directory.

CPANPLUS::inc->my_path()

Returns the full path to be added to @INC to load CPANPLUS::inc from.

CPANPLUS::inc->installer_path()

Returns the full path to the CPANPLUS/inc/installers directory.

CPANPLUS::inc->original_perl5lib

Returns the value of $ENV{PERL5LIB} the way it was when CPANPLUS::inc got loaded.

CPANPLUS::inc->original_perl5opt

Returns the value of $ENV{PERL5OPT} the way it was when CPANPLUS::inc got loaded.

CPANPLUS::inc->original_inc

Returns the value of @INC the way it was when CPANPLUS::inc got loaded.

CPANPLUS::inc->limited_perl5opt(@modules);

Returns a string you can assign to $ENV{PERL5OPT} to have a limited include facility from CPANPLUS::inc. It will roughly look like:

-I/path/to/cpanplus/inc -MCPANPLUS::inc=module1,module2

CPANPLUS::inc->interesting_modules()

Returns a hashref with modules we're interested in, and the minimum version we need to find.

It would looks something like this:

{   File::Fetch             => 0.06,
    IPC::Cmd                => 0.22,
    ....
}

INTERESTING MODULES

CPANPLUS::inc doesn't even bother to try find and find a module it's not interested in. A list of interesting modules can be obtained using the interesting_modules method described above.

Note that all subclassed modules of an interesting module will also be attempted to be loaded, but a version will not be checked.

When it however does encounter a module it is interested in, it will do the following things:

Loop over your @INC

And for every directory it finds there (skipping all non directories -- see the CAVEATS section), see if the module requested can be found there.

Check the version on every suitable module found in @INC

After a list of modules has been gathered, the version of each of them is checked to find the one with the highest version, and return that as the module to use.

This enables us to use a recent enough version from our own bundled modules, but also to use a newer module found in your path instead, if it is present. Thus having access to bugfixed versions as they are released.

If for some reason no satisfactory version could be found, a warning will be emitted. See the DEBUG section for more details on how to find out exactly what CPANPLUS::inc is doing.

DEBUG

Since this module does Clever Things to your search path, it might be nice sometimes to figure out what it's doing, if things don't work as expected. You can enable a debug trace by calling the module like this:

use CPANPLUS::inc 'DEBUG';

This will show you what CPANPLUS::inc is doing, which might look something like this:

CPANPLUS::inc: Found match for 'Params::Check' in
'/opt/lib/perl5/site_perl/5.8.3' with version '0.07'
CPANPLUS::inc: Found match for 'Params::Check' in
'/my/private/lib/CPANPLUS/inc' with version '0.21'
CPANPLUS::inc: Best match for 'Params::Check' is found in
'/my/private/lib/CPANPLUS/inc' with version '0.21'

CAVEATS

This module has 2 major caveats, that could lead to unexpected behaviour. But currently I don't know how to fix them, Suggestions are much welcomed.

On multiple use lib calls, our coderef may not be the first in @INC: If this happens, although unlikely in most situations and not happening when calling the shell directly, this could mean that a lower (too low) versioned module is loaded, which might cause failures in the application.
Non-directories in @INC: Non-directories are right now skipped by CPANPLUS::inc. They could of course lead us to newer versions of a module, but it's too tricky to verify if they would. Therefor they are skipped. In the worst case scenario we'll find the sufficing version bundled with CPANPLUS.

1 POD Error

The following errors were encountered while parsing the POD:

Around line 495:: =over without closing =back

To install mro, copy and paste the appropriate command in to your terminal.

cpanm

cpanm mro

CPAN shell

perl -MCPAN -e shell
install mro

For more information on module installation, please visit the detailed CPAN module installation guide.

	Global
`s`	Focus search bar
`?`	Bring up this help dialog

	GitHub
`g` `p`	Go to pull requests
`g` `i`	Go to GitHub issues (only if GitHub is preferred repository)

	POD
`g` `a`	Go to author
`g` `c`	Go to changes
`g` `i`	Go to issues
`g` `d`	Go to dist
`g` `r`	Go to repository/SCM
`g` `s`	Go to source
`g` `b`	Go to file browse

Search terms
module: (e.g. module:Plugin)
distribution: (e.g. distribution:Dancer auth)
author: (e.g. author:SONGMU Redis)
version: (e.g. version:1.00)

NAME

DESCRIPTION

NAME

SYNOPSIS

DESCRIPTION

METHODS

CPANPLUS::inc->inc_path()

CPANPLUS::inc->my_path()

CPANPLUS::inc->installer_path()

CPANPLUS::inc->original_perl5lib

CPANPLUS::inc->original_perl5opt

CPANPLUS::inc->original_inc

CPANPLUS::inc->limited_perl5opt(@modules);

CPANPLUS::inc->interesting_modules()

INTERESTING MODULES

DEBUG

CAVEATS

Module Install Instructions

Keyboard Shortcuts