alsa-2025:11805
Vulnerability from osv_almalinux
Published
2025-07-28 00:00
Modified
2025-07-28 09:38
Summary
Moderate: perl security update
Details
Perl is a high-level programming language that is commonly used for system administration utilities and web programming.
Security Fix(es):
- perl: Perl threads have a working directory race condition where file operations may target unintended paths (CVE-2025-40909)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
{
"affected": [
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "perl"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4:5.26.3-423.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "perl-Attribute-Handlers"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.99-423.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "perl-Devel-Peek"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.26-423.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "perl-Devel-SelfStubber"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.06-423.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "perl-Errno"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.28-423.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "perl-ExtUtils-Embed"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.34-423.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "perl-ExtUtils-Miniperl"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.06-423.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "perl-IO"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.38-423.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "perl-IO-Zlib"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:1.10-423.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "perl-Locale-Maketext-Simple"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:0.21-423.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "perl-Math-Complex"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.59-423.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "perl-Memoize"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.03-423.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "perl-Module-Loaded"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:0.08-423.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "perl-Net-Ping"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.55-423.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "perl-Pod-Html"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.22.02-423.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "perl-SelfLoader"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.23-423.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "perl-Test"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.30-423.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "perl-Time-Piece"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.31-423.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "perl-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4:5.26.3-423.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "perl-interpreter"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4:5.26.3-423.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "perl-libnetcfg"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4:5.26.3-423.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "perl-libs"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4:5.26.3-423.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "perl-macros"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4:5.26.3-423.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "perl-open"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.11-423.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "perl-tests"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4:5.26.3-423.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "perl-utils"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.26.3-423.el8_10"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"details": "Perl is a high-level programming language that is commonly used for system administration utilities and web programming. \n\nSecurity Fix(es): \n\n * perl: Perl threads have a working directory race condition where file operations may target unintended paths (CVE-2025-40909)\n\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n",
"id": "ALSA-2025:11805",
"modified": "2025-07-28T09:38:48Z",
"published": "2025-07-28T00:00:00Z",
"references": [
{
"type": "ADVISORY",
"url": "https://access.redhat.com/errata/RHSA-2025:11805"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2025-40909"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2369407"
},
{
"type": "ADVISORY",
"url": "https://errata.almalinux.org/8/ALSA-2025-11805.html"
}
],
"related": [
"CVE-2025-40909"
],
"summary": "Moderate: perl security update"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…