GoogleOSV:CVE-2023-47100CVE-2023-47100
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.3 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
27.5%
In Perl before 5.38.2, S_parse_uniprop_string in regcomp.c can write to unallocated space because a property name associated with a \p{…} regular expression construct is mishandled. The earliest affected version is 5.30.0.
| CPE | Name | Operator | Version |
|---|---|---|---|
| perl5 | eq | 5.18.0-RC2 | |
| perl5 | eq | 5.29.2 | |
| perl5 | eq | 5.28.0 | |
| perl5 | eq | perl-5.003_99a | |
| perl5 | eq | 5.10.0 | |
| perl5 | eq | 5.36.0-RC3 | |
| perl5 | eq | 5.17.4 | |
| perl5 | eq | 5.39.1 | |
| perl5 | eq | perl-5.9.4 | |
| perl5 | eq | 5.21.9 |
Related
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.3 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
27.5%