CVE-2013-1667 — Perl vulnerability

CWE-3999 documents8 sources

Severity

7.5HIGHNVD

EPSS

3.6%

top 12.21%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Perl Debian Perl

Timeline

PublishedMar 14

Latest updateMay 17

Description

The rehash mechanism in Perl 5.8.2 through 5.16.x allows context-dependent attackers to cause a denial of service (memory consumption and crash) via a crafted hash key.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages3 packages

▶debiandebian/perl< perl 5.14.2-19 (bookworm)

▶Debianperl/perl< 5.14.2-19+3

▶NVDperl/perl42 versions+41

🔴Vulnerability Details

GHSA

GHSA-wv37-679q-qgxw: The rehash mechanism in Perl 5↗2022-05-17

▶

OSV

CVE-2013-1667: The rehash mechanism in Perl 5↗2013-03-14

▶

CVEList

CVE-2013-1667: The rehash mechanism in Perl 5↗2013-03-12

▶

📋Vendor Advisories

Ubuntu

Perl vulnerability↗2013-03-19

▶

Red Hat

perl: DoS in rehashing code↗2013-03-04

▶

Debian

CVE-2013-1667: perl - The rehash mechanism in Perl 5.8.2 through 5.16.x allows context-dependent attac...↗2013

▶

💬Community

Bugzilla

CVE-2013-1667 perl: DoS in rehashing code [fedora-all]↗2013-03-05

▶

Bugzilla

CVE-2013-1667 perl: DoS in rehashing code↗2013-02-18

▶