Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

msrc логотип

CVE-2023-47100

Опубликовано: 03 сент. 2025
Источник: msrc
CVSS3: 9.8

Описание

In Perl before 5.38.2, S_parse_uniprop_string in regcomp.c can write to unallocated space because a property name associated with a \p{...} regular expression construct is mishandled. The earliest affected version is 5.30.0.

FAQ

Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?

One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See this blog post for more information. If impact to additional products is identified, we will update the CVE to reflect this.

9.8 Critical

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2023-47100

ubuntu
около 2 лет назад

Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: CVE-2023-47038. Reason: This record is a duplicate of CVE-2023-47038. Notes: All CVE users should reference CVE-2023-47038 instead of this record. All references and descriptions in this record have been removed to prevent accidental usage.

redhat логотип

CVE-2023-47100

redhat
около 2 лет назад

In Perl before 5.38.2, S_parse_uniprop_string in regcomp.c can write to unallocated space because a property name associated with a \p{...} regular expression construct is mishandled. The earliest affected version is 5.30.0.

nvd логотип

CVE-2023-47100

nvd
около 2 лет назад

Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: CVE-2023-47038. Reason: This record is a duplicate of CVE-2023-47038. Notes: All CVE users should reference CVE-2023-47038 instead of this record. All references and descriptions in this record have been removed to prevent accidental usage.

github логотип

GHSA-hx28-vm67-xh3r

CVSS3: 9.8
github
около 2 лет назад

In Perl before 5.38.2, S_parse_uniprop_string in regcomp.c can write to unallocated space because a property name associated with a \p{...} regular expression construct is mishandled. The earliest affected version is 5.30.0.

fstec логотип

BDU:2023-08382

CVSS3: 9.8
fstec
около 2 лет назад

Уязвимость функции S_parse_uniprop_string файла regcomp.c интерпретатора языка программирования Perl, позволяющая нарушителю оказать влияние на конфиденциальность, целостность и доступность защищаемой информации

9.8 Critical

CVSS3