CPANSA-perl-2023-47038: perl vulnerability
Publisher |
giterlizzi |
Document category |
csaf_security_advisory |
Initial release date |
2023-10-30T00:00:00 |
Engine |
CSAF Perl Toolkit 0.25 |
Current release date |
2023-10-30T00:00:00 |
Build Date |
|
Current version |
1 |
Status |
final |
CVSS v3.1 Base Score |
7
|
Severity |
|
Original language |
|
Language |
en |
Also referred to |
|
Vulnerability Description
A crafted regular expression when compiled by perl 5.30.0 through 5.38.0 can cause a one attacker controlled byte buffer overflow in a heap allocated buffer
Vulnerabilities
CVE-2023-47038
Vulnerability DescriptionA vulnerability was found in perl 5.30.0 through 5.38.0. This issue occurs when a crafted regular expression is compiled by perl, which can allow an attacker controlled byte buffer overflow in a heap allocated buffer.
Weakness |
CWE-122 : Heap-based Buffer Overflow
|
Product status
Known affected
Product |
Score |
perl greater than or equal 5.30.0 and less than 5.34.3 |
|
perl greater than or equal 5.36.0 and less than 5.36.3 |
|
perl equal =5.38.0 |
|
Fixed
giterlizzi
Namespace: https://github.com/giterlizzi/
gdt@cpan.org
References
Revision history
Version |
Date of the revision |
Summary of the revision |
1 |
Mon Oct 30 00:00:00 2023 |
First release |
Sharing rules
TLP:WHITE
For the TLP version see: https://www.first.org/tlp/