Home > Vulnerability Database > CVE-2023-47100

Mend.io Vulnerability Database

CVE-2023-47100

Good to know:

Date: December 1, 2023

In Perl before 5.38.2, S_parse_uniprop_string in regcomp.c can write to unallocated space because a property name associated with a \p{...} regular expression construct is mishandled. The earliest affected version is 5.30.0.

Language: C

Severity Score

9.8

Related Resources (5)

Url: https://github.com/Perl/perl5/commit/12c313ce49b36160a7ca2e9b07ad5bd92ee4a010

Url: https://github.com/Perl/perl5/commit/7047915eef37fccd93e7cd985c29fe6be54650b6

Url: https://nvd.nist.gov/vuln/detail/CVE-2023-47100

Url: https://github.com/Perl/perl5/commit/ff1f9f59360afeebd6f75ca1502f5c3ebf077da3

Url: https://www.mend.io/vulnerability-database/CVE-2023-47100

Severity Score

9.8

Weakness Type (CWE)

Improper Handling of Exceptional Conditions

CWE-755

Top Fix

Upgrade Version

Upgrade to version v5.34.2,v5.36.2,v5.38.1

Learn More

CVSS v3.1

Base Score:	9.8
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	HIGH
Integrity (I):	HIGH
Availability (A):	HIGH

Mend.io Vulnerability Database

We found results for “”

CVE-2023-47100

Good to know:

Date: December 1, 2023

Language: C

Severity Score

Related Resources (5)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

Do you need more information?