Vulnerabilities > Perl > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-02 | CVE-2023-47100 | Improper Handling of Exceptional Conditions vulnerability in Perl In Perl before 5.38.2, S_parse_uniprop_string in regcomp.c can write to unallocated space because a property name associated with a \p{...} regular expression construct is mishandled. | 9.8 |
| 2023-08-22 | CVE-2022-48522 | Out-of-bounds Write vulnerability in Perl 5.34.0 In Perl 5.34.0, function S_find_uninit_var in sv.c has a stack-based crash that can lead to remote code execution or local privilege escalation. | 9.8 |
| 2018-12-07 | CVE-2018-18314 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Perl before 5.26.3 has a buffer overflow via a crafted regular expression that triggers invalid write operations. | 9.8 |
| 2018-12-07 | CVE-2018-18313 | Out-of-bounds Read vulnerability in multiple products Perl before 5.26.3 has a buffer over-read via a crafted regular expression that triggers disclosure of sensitive information from process memory. | 9.1 |
| 2018-12-07 | CVE-2018-18311 | Integer Overflow or Wraparound vulnerability in multiple products Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations. | 9.8 |
| 2018-12-05 | CVE-2018-18312 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Perl before 5.26.3 and 5.28.0 before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations. | 9.8 |
| 2018-04-17 | CVE-2018-6913 | Out-of-bounds Write vulnerability in multiple products Heap-based buffer overflow in the pack function in Perl before 5.26.2 allows context-dependent attackers to execute arbitrary code via a large item count. | 9.8 |
| 2018-04-17 | CVE-2018-6797 | Out-of-bounds Write vulnerability in multiple products An issue was discovered in Perl 5.18 through 5.26. | 9.8 |
| 2017-09-28 | CVE-2017-12814 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Perl Stack-based buffer overflow in the CPerlHost::Add method in win32/perlhost.h in Perl before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 on Windows allows attackers to execute arbitrary code via a long environment variable. | 9.8 |
| 2017-09-19 | CVE-2017-12883 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Perl Buffer overflow in the S_grok_bslash_N function in regcomp.c in Perl 5 before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to disclose sensitive information or cause a denial of service (application crash) via a crafted regular expression with an invalid '\N{U+...}' escape. | 9.1 |