Software Detail

Software Informaton Top

Programming

Software Detail

Perl

Number Of NVD

CRITICAL

HIGH

MEDIUM

LOW

URL	https://www.perl.org/
Explanation	Perl is an advanced, feature-rich programming language with over 30 years of development experience. Perl runs on over 100 platforms, from portable to mainframe, and is suitable for both rapid prototyping and large-scale development projects. The above text is a translation of the English version at [https://www.perl.org/about.html]. Perl has long been used for server backend scripting and also as a server-side programming language for web applications. In recent years, other languages such as PHP and Python have come into use. The y in the Perl version notation x.y.z is even for the regular version and odd for the development version.
Tag	Artistic License オープンソース

Add Information URL

No	Type	Name	URL
1			https://www.perl.org/get.html
2			https://github.com/Perl/perl5
3			http://www.cpan.org/src/
4			https://japan.perlassociation.org/

List Of Product [ Click to show release history and vulnerability information ]

No	Name	Latest Version	Release date	Critical	High	Medium	Low
21	Perl 5	5.43.5	Nov. 20, 2025	9	16	11	1
22	Perl 2	2.18.1		7	11	4	1
23	Perl 1	1.49		7	12	4	1
24	Perl 0	0.1		7	11	4	1
25	Perl -	-		7	11	4	1

NVD Vulnerability Information

CRITICAL
HIGH
MEDIUM
LOW

No	CVSS3 CVSS2	Level Attach Vector	Title	CWE	CVE	cpe23Uri	or higher	or less	less than	Update date Published date	Show Affected	Exploit PoC Search
21	7.5 5.0	HIGH Network	Heap-based buffer overflow in the S_regatom function in regcomp.c in Perl 5 before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to cause a denial of service (out-of-bounds write) v…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2017-12837	cpe:2.3:a:perl:perl:5.26.0:* cpe:2.3:a:perl:perl::		5.24.2		2024-11-21 12:10 2017-09-20	Show	GitHub Exploit DB Packet Storm

22	9.8 7.5	CRITICAL Network	The VDir::MapPathA and VDir::MapPathW functions in Perl 5.22 allow remote attackers to cause a denial of service (out-of-bounds read) and possibly execute arbitrary code via a crafted (1) drive lette…	CWE-125 Out-of-bounds Read	CVE-2015-8608	cpe:2.3:a:perl:perl:5.22:*				2024-11-21 11:38 2017-02-8	Show	GitHub Exploit DB Packet Storm

23	7.8 4.6	HIGH Local	The XSLoader::load method in XSLoader in Perl does not properly locate .so files when called in a string eval, which might allow local users to execute arbitrary code via a Trojan horse library under…	NVD-CWE-noinfo	CVE-2016-6185	cpe:2.3:a:perl:perl::	5.25.0 5.23.0		5.25.3 5.24.1	2024-11-21 11:55 2016-08-2	Show	GitHub Exploit DB Packet Storm

24	7.8 7.2	HIGH Local	(1) cpan/Archive-Tar/bin/ptar, (2) cpan/Archive-Tar/bin/ptardiff, (3) cpan/Archive-Tar/bin/ptargrep, (4) cpan/CPAN/scripts/cpan, (5) cpan/Digest-SHA/shasum, (6) cpan/Encode/bin/enc2xs, (7) cpan/Encod…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2016-1238	cpe:2.3:a:perl:perl:5.9.5:* cpe:2.3:a:perl:perl:5.9.4:* cpe:2.3:a:perl:perl:5.9.3:* cpe:2.3:a:perl:perl:5.9.2:…				2024-11-21 11:46 2016-08-2	Show	GitHub Exploit DB Packet Storm

25	7.5 5.0	HIGH Network	The (1) S_reghop3, (2) S_reghop4, and (3) S_reghopmaybe3 functions in regexec.c in Perl before 5.24.0 allow context-dependent attackers to cause a denial of service (infinite loop) via crafted utf-8 …	CWE-20 Improper Input Validation	CVE-2015-8853	cpe:2.3:a:perl:perl::		5.23.9		2024-11-21 11:39 2016-05-26	Show	GitHub Exploit DB Packet Storm

26	7.5 5.0	HIGH Network	Perl might allow context-dependent attackers to bypass the taint protection mechanism in a child process via duplicate environment variables in envp.	CWE-20 Improper Input Validation	CVE-2016-2381	cpe:2.3:a:perl:perl::			5.23.9	2024-11-21 11:48 2016-04-9	Show	GitHub Exploit DB Packet Storm

27	- 7.5	HIGH	Integer underflow in regcomp.c in Perl before 5.20, as used in Apple OS X before 10.10.5 and other products, allows context-dependent attackers to execute arbitrary code or cause a denial of service …	CWE-189 Numeric Errors	CVE-2013-7422	cpe:2.3:a:perl:perl:5.18.4:*				2024-11-21 11:00 2015-08-17	Show	GitHub Exploit DB Packet Storm

28	- 2.1	LOW	The Dumper method in Data::Dumper before 2.154, as used in Perl 5.20.1 and earlier, allows context-dependent attackers to cause a denial of service (stack consumption and crash) via an Array-Referenc…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2014-4330	cpe:2.3:a:perl:perl::		5.20.1		2024-11-21 11:09 2014-10-1	Show	GitHub Exploit DB Packet Storm

29	- 4.3	MEDIUM	The Perl_reg_numbered_buff_fetch function in Perl 5.10.0, 5.12.0, 5.14.0, and other versions, when running with debugging enabled, allows context-dependent attackers to cause a denial of service (ass…	CWE-20 Improper Input Validation	CVE-2010-4777	cpe:2.3:a:perl:perl:5.14.0:* cpe:2.3:a:perl:perl:5.12.0:* cpe:2.3:a:perl:perl:5.10:*				2024-11-21 10:21 2014-02-11	Show	GitHub Exploit DB Packet Storm

30	- 7.5	HIGH	The rehash mechanism in Perl 5.8.2 through 5.16.x allows context-dependent attackers to cause a denial of service (memory consumption and crash) via a crafted hash key.	CWE-399 Resource Management Errors	CVE-2013-1667	cpe:2.3:a:perl:perl:5.8.9:* cpe:2.3:a:perl:perl:5.8.8:* cpe:2.3:a:perl:perl:5.8.7:* cpe:2.3:a:perl:perl:5.8.6:…				2024-11-21 10:50 2013-03-14	Show	GitHub Exploit DB Packet Storm