Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Perl Number Of NVD 43 CRITICAL 12 HIGH 18 MEDIUM 12 LOW 1
URL https://www.perl.org/
Explanation Perl is an advanced, feature-rich programming language with over 30 years of development experience.
Perl runs on over 100 platforms, from portable to mainframe, and is suitable for both rapid prototyping and large-scale development projects.

The above text is a translation of the English version at [https://www.perl.org/about.html].

Perl has long been used for server backend scripting and also as a server-side programming language for web applications.
In recent years, other languages such as PHP and Python have come into use.

The y in the Perl version notation x.y.z is even for the regular version and odd for the development version.
Tag
  • Artistic License
  • オープンソース
Add Information URL
No Type Name URL
1 https://www.perl.org/get.html
2 https://github.com/Perl/perl5
3 http://www.cpan.org/src/
4 https://japan.perlassociation.org/
List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support		 Extended
for a fee		 Critical High Medium Low
11 Perl 5 5.43.5 Nov. 20, 2025 9 16 11 1
12 Perl 2 2.18.1 7 11 4 1
13 Perl 1 1.49 7 12 4 1
14 Perl 0 0.1 7 11 4 1
15 Perl - - 7 11 4 1
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2		 Level
Attach Vector		 Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date		 Show Affected Exploit
PoC
Search
11 9.8
7.5 		CRITICAL
Network 		Perl before 5.26.3 has a buffer overflow via a crafted regular expression that triggers invalid write operations. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2018-18314 cpe:2.3:a:perl:perl:*:* 5.26.3 2024-11-21 12:55
2018-12-8 		Show GitHub Exploit DB Packet Storm
12 9.1
6.4 		CRITICAL
Network 		Perl before 5.26.3 has a buffer over-read via a crafted regular expression that triggers disclosure of sensitive information from process memory. CWE-125
Out-of-bounds Read 		CVE-2018-18313 cpe:2.3:a:perl:perl:*:* 5.26.3 2024-11-21 12:55
2018-12-8 		Show GitHub Exploit DB Packet Storm
13 9.8
7.5 		CRITICAL
Network 		Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations. CWE-787
CWE-190
 Out-of-bounds Write
 Integer Overflow or Wraparound 		CVE-2018-18311 cpe:2.3:a:perl:perl:*:*
5.28.0

5.26.3
5.28.1 		2024-11-21 12:55
2018-12-8 		Show GitHub Exploit DB Packet Storm
14 9.8
7.5 		CRITICAL
Network 		Perl before 5.26.3 and 5.28.0 before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2018-18312 cpe:2.3:a:perl:perl:*:*
5.28.0

5.26.3
5.28.1 		2024-11-21 12:55
2018-12-6 		Show GitHub Exploit DB Packet Storm
15 7.5
6.4 		HIGH
Network 		In Perl through 5.26.2, the Archive::Tar module allows remote attackers to bypass a directory-traversal protection mechanism, and overwrite arbitrary files, via an archive file containing a symlink a… CWE-59
Link Following 		CVE-2018-12015 cpe:2.3:a:perl:perl:*:* 5.26.2 2024-11-21 12:44
2018-06-7 		Show GitHub Exploit DB Packet Storm
16 9.8
7.5 		CRITICAL
Network 		Heap-based buffer overflow in the pack function in Perl before 5.26.2 allows context-dependent attackers to execute arbitrary code via a large item count. CWE-787
 Out-of-bounds Write 		CVE-2018-6913 cpe:2.3:a:perl:perl:*:* 5.26.2 2024-11-21 13:11
2018-04-18 		Show GitHub Exploit DB Packet Storm
17 7.5
5.0 		HIGH
Network 		An issue was discovered in Perl 5.22 through 5.26. Matching a crafted locale dependent regular expression can cause a heap-based buffer over-read and potentially information disclosure. CWE-125
Out-of-bounds Read 		CVE-2018-6798 cpe:2.3:a:perl:perl:*:* 5.22 5.26 2024-11-21 13:11
2018-04-18 		Show GitHub Exploit DB Packet Storm
18 9.8
7.5 		CRITICAL
Network 		An issue was discovered in Perl 5.18 through 5.26. A crafted regular expression can cause a heap-based buffer overflow, with control over the bytes written. CWE-787
 Out-of-bounds Write 		CVE-2018-6797 cpe:2.3:a:perl:perl:*:* 5.18 5.26 2024-11-21 13:11
2018-04-18 		Show GitHub Exploit DB Packet Storm
19 9.8
7.5 		CRITICAL
Network 		Stack-based buffer overflow in the CPerlHost::Add method in win32/perlhost.h in Perl before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 on Windows allows attackers to execute arbitrary code via a long en… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2017-12814 cpe:2.3:a:perl:perl:5.26.0:*
cpe:2.3:a:perl:perl:*:* 		5.24.2 2024-11-21 12:10
2017-09-28 		Show GitHub Exploit DB Packet Storm
20 9.1
6.4 		CRITICAL
Network 		Buffer overflow in the S_grok_bslash_N function in regcomp.c in Perl 5 before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to disclose sensitive information or cause a denial of se… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2017-12883 cpe:2.3:a:perl:perl:5.26.0:*
cpe:2.3:a:perl:perl:*:* 		5.24.2 2024-11-21 12:10
2017-09-20 		Show GitHub Exploit DB Packet Storm