Software Detail

Software Informaton Top

Programming

Software Detail

Perl

Number Of NVD

CRITICAL

HIGH

MEDIUM

LOW

URL	https://www.perl.org/
Explanation	Perl is an advanced, feature-rich programming language with over 30 years of development experience. Perl runs on over 100 platforms, from portable to mainframe, and is suitable for both rapid prototyping and large-scale development projects. The above text is a translation of the English version at [https://www.perl.org/about.html]. Perl has long been used for server backend scripting and also as a server-side programming language for web applications. In recent years, other languages such as PHP and Python have come into use. The y in the Perl version notation x.y.z is even for the regular version and odd for the development version.
Tag	Artistic License オープンソース

Add Information URL

No	Type	Name	URL
1			https://www.perl.org/get.html
2			https://github.com/Perl/perl5
3			http://www.cpan.org/src/
4			https://japan.perlassociation.org/

List Of Product [ Click to show release history and vulnerability information ]

No	Name	Latest Version	Release date	Critical	High	Medium	Low
31	Perl 5	5.43.5	Nov. 20, 2025	9	16	11	1
32	Perl 2	2.18.1		7	11	4	1
33	Perl 1	1.49		7	12	4	1
34	Perl 0	0.1		7	11	4	1
35	Perl -	-		7	11	4	1

NVD Vulnerability Information

CRITICAL
HIGH
MEDIUM
LOW

No	CVSS3 CVSS2	Level Attach Vector	Title	CWE	CVE	cpe23Uri	or less	Update date Published date	Show Affected	Exploit PoC Search
31	- 7.5	HIGH	The _compile function in Maketext.pm in the Locale::Maketext implementation in Perl before 5.17.7 does not properly handle backslashes and fully qualified method names during compilation of bracket n…	CWE-94 Code Injection	CVE-2012-6329	cpe:2.3:a:perl:perl:5.16.1:* cpe:2.3:a:perl:perl:5.16.0:* cpe:2.3:a:perl:perl:5.14.3:* cpe:2.3:a:perl:perl:5.1…	5.16.2	2024-11-21 10:46 2013-01-5	Show	GitHub Exploit DB Packet Storm

32	- 4.3	MEDIUM	The bsd_glob function in the File::Glob module for Perl before 5.14.2 allows context-dependent attackers to cause a denial of service (crash) via a glob expression with the GLOB_ALTDIRFUNC flag, whic…	NVD-CWE-Other	CVE-2011-2728	cpe:2.3:a:perl:perl:5.9.2:* cpe:2.3:a:perl:perl:5.8.9:* cpe:2.3:a:perl:perl:5.8.8:* cpe:2.3:a:perl:perl:5.8.7:…	5.14.1	2024-11-21 10:28 2012-12-21	Show	GitHub Exploit DB Packet Storm

33	- 7.5	HIGH	Heap-based buffer overflow in the Perl_repeatcpy function in util.c in Perl 5.12.x before 5.12.5, 5.14.x before 5.14.3, and 5.15.x before 15.15.5 allows context-dependent attackers to cause a denial …	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2012-5195	cpe:2.3:a:perl:perl:5.14.2:* cpe:2.3:a:perl:perl:5.14.1:* cpe:2.3:a:perl:perl:5.14.0:rc3 cpe:2.3:a:perl:perl:5…		2024-11-21 10:44 2012-12-18	Show	GitHub Exploit DB Packet Storm

34	- 5.0	MEDIUM	Multiple format string vulnerabilities in dbdimp.c in DBD::Pg (aka DBD-Pg or libdbd-pg-perl) module before 2.19.0 for Perl allow remote PostgreSQL database servers to cause a denial of service (proce…	CWE-134 Use of Externally-Controlled Format String	CVE-2012-1151	cpe:2.3:a:perl:perl:2.9.2:* cpe:2.3:a:perl:perl:2.9.1:* cpe:2.3:a:perl:perl:2.9.0:* cpe:2.3:a:perl:perl:2.8.8:…	2.18.1	2024-11-21 10:36 2012-09-10	Show	GitHub Exploit DB Packet Storm

35	- 5.1	MEDIUM	Off-by-one error in the decode_xs function in Unicode/Unicode.xs in the Encode module before 2.44, as used in Perl before 5.15.6, might allow context-dependent attackers to cause a denial of service …	CWE-189 Numeric Errors	CVE-2011-2939	cpe:2.3:a:perl:perl:5.9.2:* cpe:2.3:a:perl:perl:5.8.9:* cpe:2.3:a:perl:perl:5.8.8:* cpe:2.3:a:perl:perl:5.8.7:…	5.14.2	2024-11-21 10:29 2012-01-14	Show	GitHub Exploit DB Packet Storm

36	- 5.0	MEDIUM	Perl 5.10.x allows context-dependent attackers to cause a denial of service (NULL pointer dereference and application crash) by leveraging an ability to inject arguments into a (1) getpeername, (2) r…	NVD-CWE-Other	CVE-2011-0761	cpe:2.3:a:perl:perl:5.10.1:rc2 cpe:2.3:a:perl:perl:5.10.1:rc1 cpe:2.3:a:perl:perl:5.10.1:* cpe:2.3:a:perl:perl…		2024-11-21 10:24 2011-05-14	Show	GitHub Exploit DB Packet Storm

37	- 5.0	MEDIUM	The (1) lc, (2) lcfirst, (3) uc, and (4) ucfirst functions in Perl 5.10.x, 5.11.x, and 5.12.x through 5.12.3, and 5.13.x through 5.13.11, do not apply the taint attribute to the return value upon pro…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2011-1487	cpe:2.3:a:perl:perl:5.13.9:* cpe:2.3:a:perl:perl:5.13.8:* cpe:2.3:a:perl:perl:5.13.7:* cpe:2.3:a:perl:perl:5.1…		2024-11-21 10:26 2011-04-12	Show	GitHub Exploit DB Packet Storm

38	- 5.0	MEDIUM	Integer overflow in the regular expression engine in Perl 5.8.x allows context-dependent attackers to cause a denial of service (stack consumption and application crash) by matching a crafted regular…	CWE-189 Numeric Errors	CVE-2010-1158	cpe:2.3:a:perl:perl:5.8.9:* cpe:2.3:a:perl:perl:5.8.8:* cpe:2.3:a:perl:perl:5.8.7:* cpe:2.3:a:perl:perl:5.8.6:…		2013-10-24 12:22 2010-04-21	Show	GitHub Exploit DB Packet Storm

39	- 5.0	MEDIUM	Perl 5.10.1 allows context-dependent attackers to cause a denial of service (application crash) via a UTF-8 character with a large, invalid codepoint, which is not properly handled during a regular-e…	NVD-CWE-Other	CVE-2009-3626	cpe:2.3:a:perl:perl:5.10.1:*		2026-04-23 09:35 2009-10-29	Show	GitHub Exploit DB Packet Storm

40	- 4.6	MEDIUM	The rmtree function in lib/File/Path.pm in Perl 5.10 does not properly check permissions before performing a chmod, which allows local users to modify the permissions of arbitrary files via a symlink…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2008-2827	cpe:2.3:a:perl:perl:5.10:*		2026-04-23 09:35 2008-06-24	Show	GitHub Exploit DB Packet Storm