Packages
Get Gentoo!
gentoo.org sites
gentoo.org
Wiki
Bugs
Forums
Packages
Planet
Archives
Sources
Infra Status
Home
Packages
Maintainers
USE flags
Architectures
About
dev-lang
The dev-lang category contains various programming language implementations and related tools.
Packages
Stabilization
16
Outdated
38
Pull requests
22
Bugs
640
Security
39
Security Bug Reports
dev-lang/nasm: multiple vulnerabilities
686722 - Assigned to Gentoo Security
dev-lang/lua: Multiple vulnerabilities (CVE-2019-6706, CVE-2020-{15945,15888,15889,24342,24369,24370,24371})
717780 - Assigned to Gentoo Security
<dev-lang/erlang-23.1.1: httpd directory traversal (CVE-2020-25623)
749345 - Assigned to Gentoo Security
<dev-lang/R-4.0.4: code execution via malicious CRAN package (CVE-2020-27637)
765361 - Assigned to Gentoo Security
<dev-lang/erlang-23.2.2: Invalid TLS certificate validation (CVE-2020-35733)
765796 - Assigned to Gentoo Security
dev-lang/jerryscript: multiple vulnerabilities
795312 - Assigned to Gentoo Security
dev-lang/nim: multiple vulnerabilities
807610 - Assigned to Gentoo Security
dev-lang/nasm: multiple vulnerabilities
810423 - Assigned to Gentoo Security
<dev-lang/duktape-2.7.0: segmentation fault in duk_push_tval
831659 - Assigned to Gentoo Security
<dev-lang/lua-5.4.4: UAF leading to sandbox escape
835340 - Assigned to Gentoo Security
dev-lang/squirrel: multiple vulnerabilities
843155 - Assigned to Gentoo Security
<dev-lang/lua-5.4.6: heap buffer overflow in recursive errors
856463 - Assigned to Gentoo Security
dev-lang/yasm: multiple vulnerabilities
862112 - Assigned to Gentoo Security
dev-lang/starlark-rust: 'cargo audit' reports one or more bundled CRATES as vulnerable
864043 - Assigned to Gentoo Security
<dev-lang/python-{3.8.13_p8, 3.9.13_p6, 3.10.6_p4, 3.11.0_rc1_p2}, dev-python/pypy{,3}: Denial of service via abuse of bignum int type
868150 - Assigned to Gentoo Security
<dev-lang/erlang-{24.3.4.2,25.0.2}: client authentication bypass
872272 - Assigned to Gentoo Security
dev-lang/jerryscript: multiple vulnerabilities
905089 - Assigned to Gentoo Security
<dev-lang/perl-5.36.1-r2: HTTP::Tiny certificate verification off by default
905296 - Assigned to Gentoo Security
dev-lang/lua: heap buffer overread
905319 - Assigned to Gentoo Security
dev-lang/mono: nuget credential leak
908612 - Assigned to Gentoo Security
dev-lang/jerryscript: multiple vulnerabilities
918550 - Assigned to Gentoo Security
<dev-lang/perl-5.38.2 : Write past buffer end via illegal user-defined Unicode property
918612 - Assigned to Gentoo Security
<dev-lang/erlang-26.2.1: Terrapin vulnerability
920682 - Assigned to Gentoo Security
<dev-lang/python-{3.11.9,3.12.3}, <dev-python/pypy3_{9,10}-7.3.16: concurrency issues in collections.deque.index() and certificate store access in ssl module
929045 - Assigned to Gentoo Security
<dev-lang/ruby-{3.1.5,3.2.4,3.3.1}: Multiple Vulnerabilities
930533 - Assigned to Gentoo Security
<dev-lang/R-4.4.1: arbitrary code execution in R's deserialization
930936 - Assigned to Gentoo Security
<dev-lang/spidermonkey-115.12.0: Multiple vulnerabilities
935552 - Assigned to Gentoo Security
<dev-lang/spidermonkey-115.13.0: Multiple vulnerabilities
936217 - Assigned to Gentoo Security
<dev-lang/python-{3.8.19_p3,3.9.19_p4,3.10.14_p2,3.11.9_p1,3.12.4_p3,3.13.0_rc1_p1}, <dev-python/pypy3_{9,10}-7.3.16_p1: Email header injection due to unquoted newlines
937124 - Assigned to Gentoo Security
dev-lang/orc: Stack-based buffer overflow when formatting error messages for certain input files.
937127 - Assigned to Gentoo Security
<dev-lang/spidermonkey-115.14.0: multiple vulnerabilities
937469 - Assigned to Gentoo Security
<dev-lang/python-{3.8.19_p4,3.9.19_p5,3.10.14_p3,3.11.9_p2,3.12.4_p4,3.12.5_p1,3.13.0_rc1_p2}, <dev-python/pypy3_{9,10}-7.3.16_p2: Multiple vulnerabilities
938432 - Assigned to Gentoo Security
<dev-lang/python-{3.8.20,3.9.20,3.10.15,3.11.10,3.12.6,3.13.0_rc2}, dev-python/pypy3_9, <dev-python/pypy3_10-7.3.17_p1: Regular-expression DoS when parsing TarFile headers
939206 - Assigned to Gentoo Security
<dev-lang/spidermonkey-115.16.0: multiple vulnerabilities
941171 - Assigned to Gentoo Security
<dev-lang/spidermonkey-115.15.0: multiple vulnerabilities
941176 - Assigned to Gentoo Security
<dev-lang/php-{8.1.30,8.2.24,8.3.12}: multiple vulnerabilities
941598 - Assigned to Gentoo Security
dev-lang/python: Virtual environment (venv) activation scripts don't quote paths
942077 - Assigned to Gentoo Security
dev-lang/spidermonkey: multiple vulnerabilities
942471 - Assigned to Gentoo Security
dev-lang/R-4.4.1 double to long int casts overflows gc variable in memory.c
943342 - Assigned to Gentoo Security
Contact Information
Please file new vulnerability reports on
Gentoo Bugzilla
and assign them to the Gentoo Security product and Vulnerabilities component.
Packages