CVE-2018-18311

Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.

mitre·CWE-190·Published 2018-12-07

CVSS

—

EPSS

0.12

KEV

Exploits

Vendor statements (12)

debian.org
access.redhat.com
usn.ubuntu.com
lists.fedoraproject.org
access.redhat.com
access.redhat.com
usn.ubuntu.com
access.redhat.com
access.redhat.com
access.redhat.com
access.redhat.com
security.gentoo.org

cve.orgen

138 chars

Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.

NVDes

213 chars

Perl, en versiones anteriores a la 5.26.3 y versiones 5.28.0.x anteriores a la 5.28.1, tiene un desbordamiento de búfer mediante una expresión regular manipulada que desencadena operaciones inválidas de escritura.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	7.5	10.0	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P
3.0	Primary	NVD	9.8	3.9	5.9	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H