Perl up to 5.24.2/5.26.0 win32/perlhost.h CPerlHost::Add Environment Variable memory corruption
A vulnerability was found in Perl up to 5.24.2/5.26.0 (Programming Language Software). It has been rated as critical. Affected by this issue is the function
CPerlHost::Add of the file win32/perlhost.h. Upgrading to version 5.24.3-RC1 or 5.26.1-RC1 eliminates this vulnerability. Applying a patch is able to eliminate this problem. The bugfix is ready for download at perl5.git.perl.org. The best possible mitigation is suggested to be patching the affected component. A possible mitigation has been published before and not just after the disclosure of the vulnerability.
The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Initiating immediate vulnerability response and prioritizing of issues is possible.
Do you want to use VulDB in your project?
Use the official API to access entries easily!