A critical security vulnerability (CVE-2021-3177) that allows for buffer overrun exploits, such as denial of service or the running of malicious code, affects Python 2. As such, we have released a fix for Python 2 as part of our Python 2 End of Life extended support. We have also made the source code available for security experts and open source maintainers to review and incorporate into their projects.
ActiveState has released Perl 5.32.1 which includes memory leak fixes for Data::Dumper, as well as upgrades to DynaLoader, Module::CoreList, Opcode and Safe. This release also includes warnings about evaluating untrusted code with the perl interpreter. Create a Perl 5.32.1 runtime environment for your project by selecting “Custom Perl Build”.
Security/CVE Reports via API
January 2021All Tiers
Our Build Graph API provides a programmatic interface to the ActiveState Platform you can query to quickly obtain details about your Python or Perl project, as well as access the source code for dependencies in your environment. It will now also provide you with:
Number and severity level of all vulnerabilities in your environment