regcomp.c in Perl before 5.30.3 allows a buffer overflow via a crafted regular expression because of recursive S_study_chunk calls.
To mitigate this flaw, developers should not allow untrusted regular expressions to be compiled by the Perl regular expression compiler.