CVE-2023-47038
published 2023-12-18CVE-2023-47038: A vulnerability was found in perl 5.30.0 through 5.38.0. This issue occurs when a crafted regular expression is compiled by perl, which can allow an attacker…
high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
A vulnerability was found in perl 5.30.0 through 5.38.0. This issue occurs when a crafted regular expression is compiled by perl, which can allow an attacker controlled byte buffer overflow in a heap allocated buffer.
Affected
13 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | perl | < perl 5.36.0-7+deb12u1 (bookworm) | perl 5.36.0-7+deb12u1 (bookworm) |
| fedoraproject | fedora | — | — |
| perl | perl | >= 0 < 5.32.1-4+deb11u3 | 5.32.1-4+deb11u3 |
| perl | perl | >= 0 < 5.36.0-7+deb12u1 | 5.36.0-7+deb12u1 |
| perl | perl | >= 0 < 5.36.0-10 | 5.36.0-10 |
| perl | perl | >= 0 < 5.36.0-10 | 5.36.0-10 |
| perl | perl | >= 0 < 5.30.0-9ubuntu0.5 | 5.30.0-9ubuntu0.5 |
| perl | perl | >= 0 < 5.34.0-3ubuntu1.3 | 5.34.0-3ubuntu1.3 |
| perl | perl | 5.30.0 – 5.38.0 | — |
| redhat | enterprise_linux | — | — |
| redhat | enterprise_linux | — | — |
| redhat | enterprise_linux_aus | — | — |
| redhat | enterprise_linux_eus | — | — |
CVSS provenance
nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
osv9.8CRITICAL