CRITICAL✓ PATCH🇵🇱 Wersja polska

CVE-2022-48522

CVSS 9.8v3.1pub. 2023-08-22upd. 2024-11-21

In Perl 5.34.0, function S_find_uninit_var in sv.c has a stack-based crash that can lead to remote code execution or local privilege escalation.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Perl

    APP
    Perl
    5.34.0
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
Tags
RCELPE
CWE
References

Related vulnerabilities

CVE-2026-8376CRITICAL9.8PL ✓ten sam produkt

Heap buffer overflow w Perl przy kompilacji wyrażeń regularnych (32-bit)

CVE-2026-4176CRITICAL9.8PL ✓ten sam produkt

Podatność zlib w module Compress::Raw::Zlib w Perl (CVE-2026-4176)

CVE-2018-18311CRITICAL9.8ten sam produkt

Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that trigge...

CVE-2018-18314CRITICAL9.8ten sam produkt

Perl before 5.26.3 has a buffer overflow via a crafted regular expression that triggers invalid write operatio...

CVE-2018-18313CRITICAL9.1ten sam produkt

Perl before 5.26.3 has a buffer over-read via a crafted regular expression that triggers disclosure of sensiti...