Vulnerability Details CVE-2023-47100
In Perl before 5.38.2, S_parse_uniprop_string in regcomp.c can write to unallocated space because a property name associated with a \p{...} regular expression construct is mishandled. The earliest affected version is 5.30.0.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 20.8%
CVSS Severity
CVSS v3 Score 9.8
References
- https://github.com/Perl/perl5/commit/12c313ce49b36160a7ca2e9b07ad5bd92ee4a010
- https://github.com/Perl/perl5/commit/7047915eef37fccd93e7cd985c29fe6be54650b6
- https://github.com/Perl/perl5/commit/ff1f9f59360afeebd6f75ca1502f5c3ebf077da3
- https://github.com/Perl/perl5/commit/12c313ce49b36160a7ca2e9b07ad5bd92ee4a010
- https://github.com/Perl/perl5/commit/7047915eef37fccd93e7cd985c29fe6be54650b6
- https://github.com/Perl/perl5/commit/ff1f9f59360afeebd6f75ca1502f5c3ebf077da3
Products affected by CVE-2023-47100
-
cpe:2.3:a:perl:perl:5.30.0
-
cpe:2.3:a:perl:perl:5.30.1
-
cpe:2.3:a:perl:perl:5.30.2
-
cpe:2.3:a:perl:perl:5.30.3
-
cpe:2.3:a:perl:perl:5.31.0
-
cpe:2.3:a:perl:perl:5.31.1
-
cpe:2.3:a:perl:perl:5.31.10
-
cpe:2.3:a:perl:perl:5.31.11
-
cpe:2.3:a:perl:perl:5.31.2
-
cpe:2.3:a:perl:perl:5.31.3
-
cpe:2.3:a:perl:perl:5.31.4
-
cpe:2.3:a:perl:perl:5.31.5
-
cpe:2.3:a:perl:perl:5.31.6
-
cpe:2.3:a:perl:perl:5.31.7
-
cpe:2.3:a:perl:perl:5.31.8
-
cpe:2.3:a:perl:perl:5.31.9
-
cpe:2.3:a:perl:perl:5.32.0
-
cpe:2.3:a:perl:perl:5.32.1
-
cpe:2.3:a:perl:perl:5.33.0
-
cpe:2.3:a:perl:perl:5.33.1
-
cpe:2.3:a:perl:perl:5.33.2
-
cpe:2.3:a:perl:perl:5.33.3
-
cpe:2.3:a:perl:perl:5.33.4
-
cpe:2.3:a:perl:perl:5.33.5
-
cpe:2.3:a:perl:perl:5.33.6
-
cpe:2.3:a:perl:perl:5.33.7
-
cpe:2.3:a:perl:perl:5.33.8
-
cpe:2.3:a:perl:perl:5.33.9
-
cpe:2.3:a:perl:perl:5.34.0
-
cpe:2.3:a:perl:perl:5.34.1
-
cpe:2.3:a:perl:perl:5.34.2
-
cpe:2.3:a:perl:perl:5.34.3
-
cpe:2.3:a:perl:perl:5.35.0
-
cpe:2.3:a:perl:perl:5.35.1
-
cpe:2.3:a:perl:perl:5.35.10
-
cpe:2.3:a:perl:perl:5.35.11
-
cpe:2.3:a:perl:perl:5.35.2
-
cpe:2.3:a:perl:perl:5.35.3
-
cpe:2.3:a:perl:perl:5.35.4
-
cpe:2.3:a:perl:perl:5.35.5
-
cpe:2.3:a:perl:perl:5.35.6
-
cpe:2.3:a:perl:perl:5.35.7
-
cpe:2.3:a:perl:perl:5.35.8
-
cpe:2.3:a:perl:perl:5.35.9
-
cpe:2.3:a:perl:perl:5.36.0
-
cpe:2.3:a:perl:perl:5.36.1
-
cpe:2.3:a:perl:perl:5.36.2
-
cpe:2.3:a:perl:perl:5.36.3
-
cpe:2.3:a:perl:perl:5.37.0
-
cpe:2.3:a:perl:perl:5.37.1
-
cpe:2.3:a:perl:perl:5.37.10
-
cpe:2.3:a:perl:perl:5.37.11
-
cpe:2.3:a:perl:perl:5.37.2
-
cpe:2.3:a:perl:perl:5.37.3
-
cpe:2.3:a:perl:perl:5.37.4
-
cpe:2.3:a:perl:perl:5.37.5
-
cpe:2.3:a:perl:perl:5.37.6
-
cpe:2.3:a:perl:perl:5.37.7
-
cpe:2.3:a:perl:perl:5.37.8
-
cpe:2.3:a:perl:perl:5.37.9
-
cpe:2.3:a:perl:perl:5.38.0
-
cpe:2.3:a:perl:perl:5.38.1