Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Perl Number Of NVD 46 CRITICAL 14 HIGH 19 MEDIUM 12 LOW 1
URL https://www.perl.org/
Explanation Perl is an advanced, feature-rich programming language with over 30 years of development experience.
Perl runs on over 100 platforms, from portable to mainframe, and is suitable for both rapid prototyping and large-scale development projects.

The above text is a translation of the English version at [https://www.perl.org/about.html].

Perl has long been used for server backend scripting and also as a server-side programming language for web applications.
In recent years, other languages such as PHP and Python have come into use.

The y in the Perl version notation x.y.z is even for the regular version and odd for the development version.
Tag
  • Artistic License
  • オープンソース

Add Information URL
No Type Name URL
1 https://www.perl.org/get.html
2 https://github.com/Perl/perl5
3 http://www.cpan.org/src/
4 https://japan.perlassociation.org/

List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support
Extended
for a fee
Critical High Medium Low
31 New!! Perl 5 5.44.0 July 15, 2026 Oct. 17, 1994 11 17 11 1
32 Perl 4 0 0 0 0
33 Perl 3 0 0 0 0
34 Perl 2 2.18.1 9 12 4 1
35 Perl 1 1.49 9 13 4 1
36 Perl 0 0.1 9 12 4 1
37 Perl - - 9 12 4 1
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2
Level
Attach Vector
Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date
Show Affected Exploit
PoC
Search
31 -
2.1
LOW The Dumper method in Data::Dumper before 2.154, as used in Perl 5.20.1 and earlier, allows context-dependent attackers to cause a denial of service (stack consumption and crash) via an Array-Referenc… CWE-119
Incorrect Access of Indexable Resource ('Range Error') 
CVE-2014-4330 cpe:2.3:a:perl:perl:*:* 5.20.1 2024-11-21 11:09
2014-10-1
Show GitHub Exploit DB Packet Storm
32 -
4.3
MEDIUM The Perl_reg_numbered_buff_fetch function in Perl 5.10.0, 5.12.0, 5.14.0, and other versions, when running with debugging enabled, allows context-dependent attackers to cause a denial of service (ass… CWE-20
 Improper Input Validation 
CVE-2010-4777 cpe:2.3:a:perl:perl:5.14.0:*
cpe:2.3:a:perl:perl:5.12.0:*
cpe:2.3:a:perl:perl:5.10:*
2024-11-21 10:21
2014-02-11
Show GitHub Exploit DB Packet Storm
33 -
7.5
HIGH The rehash mechanism in Perl 5.8.2 through 5.16.x allows context-dependent attackers to cause a denial of service (memory consumption and crash) via a crafted hash key. CWE-399
 Resource Management Errors
CVE-2013-1667 cpe:2.3:a:perl:perl:5.8.9:*
cpe:2.3:a:perl:perl:5.8.8:*
cpe:2.3:a:perl:perl:5.8.7:*
cpe:2.3:a:perl:perl:5.8.6:…
2024-11-21 10:50
2013-03-14
Show GitHub Exploit DB Packet Storm
34 -
7.5
HIGH The _compile function in Maketext.pm in the Locale::Maketext implementation in Perl before 5.17.7 does not properly handle backslashes and fully qualified method names during compilation of bracket n… CWE-94
Code Injection
CVE-2012-6329 cpe:2.3:a:perl:perl:5.16.1:*
cpe:2.3:a:perl:perl:5.16.0:*
cpe:2.3:a:perl:perl:5.14.3:*
cpe:2.3:a:perl:perl:5.1…
5.16.2 2024-11-21 10:46
2013-01-5
Show GitHub Exploit DB Packet Storm
35 -
4.3
MEDIUM The bsd_glob function in the File::Glob module for Perl before 5.14.2 allows context-dependent attackers to cause a denial of service (crash) via a glob expression with the GLOB_ALTDIRFUNC flag, whic… NVD-CWE-Other
CVE-2011-2728 cpe:2.3:a:perl:perl:5.9.2:*
cpe:2.3:a:perl:perl:5.8.9:*
cpe:2.3:a:perl:perl:5.8.8:*
cpe:2.3:a:perl:perl:5.8.7:…
5.14.1 2024-11-21 10:28
2012-12-21
Show GitHub Exploit DB Packet Storm
36 -
7.5
HIGH Heap-based buffer overflow in the Perl_repeatcpy function in util.c in Perl 5.12.x before 5.12.5, 5.14.x before 5.14.3, and 5.15.x before 15.15.5 allows context-dependent attackers to cause a denial … CWE-119
Incorrect Access of Indexable Resource ('Range Error') 
CVE-2012-5195 cpe:2.3:a:perl:perl:5.14.2:*
cpe:2.3:a:perl:perl:5.14.1:*
cpe:2.3:a:perl:perl:5.14.0:rc3
cpe:2.3:a:perl:perl:5…
2024-11-21 10:44
2012-12-18
Show GitHub Exploit DB Packet Storm
37 -
5.0
MEDIUM Multiple format string vulnerabilities in dbdimp.c in DBD::Pg (aka DBD-Pg or libdbd-pg-perl) module before 2.19.0 for Perl allow remote PostgreSQL database servers to cause a denial of service (proce… CWE-134
Use of Externally-Controlled Format String
CVE-2012-1151 cpe:2.3:a:perl:perl:2.9.2:*
cpe:2.3:a:perl:perl:2.9.1:*
cpe:2.3:a:perl:perl:2.9.0:*
cpe:2.3:a:perl:perl:2.8.8:…
2.18.1 2024-11-21 10:36
2012-09-10
Show GitHub Exploit DB Packet Storm
38 -
5.1
MEDIUM Off-by-one error in the decode_xs function in Unicode/Unicode.xs in the Encode module before 2.44, as used in Perl before 5.15.6, might allow context-dependent attackers to cause a denial of service … CWE-189
Numeric Errors
CVE-2011-2939 cpe:2.3:a:perl:perl:5.9.2:*
cpe:2.3:a:perl:perl:5.8.9:*
cpe:2.3:a:perl:perl:5.8.8:*
cpe:2.3:a:perl:perl:5.8.7:…
5.14.2 2024-11-21 10:29
2012-01-14
Show GitHub Exploit DB Packet Storm
39 -
5.0
MEDIUM Perl 5.10.x allows context-dependent attackers to cause a denial of service (NULL pointer dereference and application crash) by leveraging an ability to inject arguments into a (1) getpeername, (2) r… NVD-CWE-Other
CVE-2011-0761 cpe:2.3:a:perl:perl:5.10.1:rc2
cpe:2.3:a:perl:perl:5.10.1:rc1
cpe:2.3:a:perl:perl:5.10.1:*
cpe:2.3:a:perl:perl…
2024-11-21 10:24
2011-05-14
Show GitHub Exploit DB Packet Storm
40 -
5.0
MEDIUM The (1) lc, (2) lcfirst, (3) uc, and (4) ucfirst functions in Perl 5.10.x, 5.11.x, and 5.12.x through 5.12.3, and 5.13.x through 5.13.11, do not apply the taint attribute to the return value upon pro… CWE-264
Permissions, Privileges, and Access Controls
CVE-2011-1487 cpe:2.3:a:perl:perl:5.13.9:*
cpe:2.3:a:perl:perl:5.13.8:*
cpe:2.3:a:perl:perl:5.13.7:*
cpe:2.3:a:perl:perl:5.1…
2024-11-21 10:26
2011-04-12
Show GitHub Exploit DB Packet Storm