Unrated severityOSV Advisory· Published Dec 18, 2023· Updated Jan 22, 2026

Perl: write past buffer end via illegal user-defined unicode property

CVE-2023-47038

Description

A vulnerability was found in perl 5.30.0 through 5.38.0. This issue occurs when a crafted regular expression is compiled by perl, which can allow an attacker controlled byte buffer overflow in a heap allocated buffer.

Affected products

Perl Foundation/Perl5OSV
Range: v5.30.0, v5.31.0, v5.31.1, …

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

access.redhat.com/errata/RHSA-2024:2228mitrevendor-advisoryx_refsource_REDHAT
access.redhat.com/errata/RHSA-2024:3128mitrevendor-advisoryx_refsource_REDHAT
access.redhat.com/security/cve/CVE-2023-47038mitrevdb-entryx_refsource_REDHAT
bugzilla.redhat.com/show_bug.cgimitreissue-trackingx_refsource_REDHAT
bugs.debian.org/cgi-bin/bugreport.cgimitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000