Vulnerabilities > CVE-2022-48522 - Out-of-bounds Write vulnerability in Perl 5.34.0
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
In Perl 5.34.0, function S_find_uninit_var in sv.c has a stack-based crash that can lead to remote code execution or local privilege escalation.
Common Weakness Enumeration (CWE)
References
- https://github.com/Perl/perl5/blob/79a7b254d85a10b65126ad99bf10e70480569d68/sv.c#L16336-L16345
- https://github.com/Perl/perl5/blob/79a7b254d85a10b65126ad99bf10e70480569d68/sv.c#L16336-L16345
- https://security.netapp.com/advisory/ntap-20230915-0008/
- https://security.netapp.com/advisory/ntap-20230915-0008/