CVE-2023-47100

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Dec 2, 2023
Updated: Dec 14, 2023
CWE ID 755

Summary

CVE-2023-47100 is a critical vulnerability in Perl versions before 5.38.2, impacting a wide range of products. The vulnerability occurs in the S_parse_uniprop_string function in regcomp.c, where a mishandling of a property name associated with a \p{...} regular expression construct can lead to writing to unallocated space. The earliest affected version is 5.30.0. This vulnerability poses a high risk to organizations as it can be exploited remotely without user interaction, potentially resulting in the compromise of confidentiality, integrity, and availability of systems. To remediate this vulnerability, it is recommended to update the affected Perl versions to 5.38.2 or later.

Share

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-47100 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options