Home

CVE-2018-18311

Description

Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.

Risk Information

Base Score
9.8
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
11.355

Associated Vulnerability

VulnerabilityOS Platform
Multiple Vulnerabilities are affected in Netapp Snapcenter -Windows
Multiple vulnerabilities are fixed in macOS Mojave 10.14.4Mac
Multiple vulnerabilities are fixed in macOS Mojave 10.14.4 Combo UpdateMac
Practical Extraction and Report Language (USN-3684-1) perl_5.18.2-2ubuntu1.7_amd64.debLinux
Practical Extraction and Report Language (USN-3684-1) perl_5.18.2-2ubuntu1.7_i386.debLinux
Practical Extraction and Report Language (USN-3684-1) perl_5.22.1-9ubuntu0.6_amd64.debLinux
Practical Extraction and Report Language (USN-3684-1) perl_5.22.1-9ubuntu0.6_i386.debLinux
Practical Extraction and Report Language (USN-3684-1) perl_5.26.1-6ubuntu0.3_amd64.debLinux
Practical Extraction and Report Language (USN-3684-1) perl_5.26.1-6ubuntu0.3_i386.debLinux
Practical Extraction and Report Language (USN-3834-1) perl_5.18.2-2ubuntu1.7_i386.debLinux
Practical Extraction and Report Language (USN-3834-1) perl_5.18.2-2ubuntu1.7_amd64.debLinux
Practical Extraction and Report Language (USN-3834-1) perl_5.22.1-9ubuntu0.6_i386.debLinux
Practical Extraction and Report Language (USN-3834-1) perl_5.22.1-9ubuntu0.6_amd64.debLinux
Practical Extraction and Report Language (USN-3834-1) perl_5.26.1-6ubuntu0.3_i386.debLinux
Practical Extraction and Report Language (USN-3834-1) perl_5.26.1-6ubuntu0.3_amd64.debLinux
Practical Extraction and Report Language (USN-3834-1) perl_5.26.2-7ubuntu0.1_i386.debLinux
Practical Extraction and Report Language (USN-3834-1) perl_5.26.2-7ubuntu0.1_amd64.debLinux
perl security update(DSA-4226-1) perl_5.24.1-3+deb9u5_i386.debLinux
perl security update(DSA-4226-1) perl_5.24.1-3+deb9u5_amd64.debLinux
Perl security update (CESA-2019:0109) perl-5.16.3-294.el7_6.x86_64.rpmLinux
Perl security update (CESA-2019:0109) perl-CPAN-1.9800-294.el7_6.noarch.rpmLinux
Perl security update (CESA-2019:0109) perl-core-5.16.3-294.el7_6.x86_64.rpmLinux
Perl security update (CESA-2019:0109) perl-libs-5.16.3-294.el7_6.i686.rpmLinux
Perl security update (CESA-2019:0109) perl-libs-5.16.3-294.el7_6.x86_64.rpmLinux
Perl security update (CESA-2019:0109) perl-devel-5.16.3-294.el7_6.i686.rpmLinux
Perl security update (CESA-2019:0109) perl-devel-5.16.3-294.el7_6.x86_64.rpmLinux
Perl security update (CESA-2019:0109) perl-tests-5.16.3-294.el7_6.x86_64.rpmLinux
Perl security update (CESA-2019:0109) perl-macros-5.16.3-294.el7_6.x86_64.rpmLinux
Perl security update (CESA-2019:0109) perl-IO-Zlib-1.10-294.el7_6.noarch.rpmLinux
Perl security update (CESA-2019:0109) perl-Time-Piece-1.20.1-294.el7_6.x86_64.rpmLinux
Perl security update (CESA-2019:0109) perl-Pod-Escapes-1.04-294.el7_6.noarch.rpmLinux
Perl security update (CESA-2019:0109) perl-Module-Loaded-0.08-294.el7_6.noarch.rpmLinux
Perl security update (CESA-2019:0109) perl-ExtUtils-Embed-1.30-294.el7_6.noarch.rpmLinux
Perl security update (CESA-2019:0109) perl-Module-CoreList-2.76.02-294.el7_6.noarch.rpmLinux
Perl security update (CESA-2019:0109) perl-Object-Accessor-0.42-294.el7_6.noarch.rpmLinux
Perl security update (CESA-2019:0109) perl-ExtUtils-Install-1.58-294.el7_6.noarch.rpmLinux
Perl security update (CESA-2019:0109) perl-ExtUtils-CBuilder-0.28.2.6-294.el7_6.noarch.rpmLinux
Perl security update (CESA-2019:0109) perl-Package-Constants-0.02-294.el7_6.noarch.rpmLinux
Perl security update (CESA-2019:0109) perl-Locale-Maketext-Simple-0.21-294.el7_6.noarch.rpmLinux
(RHSA-2019:0109) perl security update perl-5.16.3-294.el7_6.x86_64.rpmLinux
(RHSA-2019:0109) perl security update perl-CPAN-1.9800-294.el7_6.noarch.rpmLinux
(RHSA-2019:0109) perl security update perl-ExtUtils-CBuilder-0.28.2.6-294.el7_6.noarch.rpmLinux
(RHSA-2019:0109) perl security update perl-ExtUtils-Embed-1.30-294.el7_6.noarch.rpmLinux
(RHSA-2019:0109) perl security update perl-ExtUtils-Install-1.58-294.el7_6.noarch.rpmLinux
(RHSA-2019:0109) perl security update perl-IO-Zlib-1.10-294.el7_6.noarch.rpmLinux
(RHSA-2019:0109) perl security update perl-Locale-Maketext-Simple-0.21-294.el7_6.noarch.rpmLinux
(RHSA-2019:0109) perl security update perl-Module-CoreList-2.76.02-294.el7_6.noarch.rpmLinux
(RHSA-2019:0109) perl security update perl-Module-Loaded-0.08-294.el7_6.noarch.rpmLinux
(RHSA-2019:0109) perl security update perl-Object-Accessor-0.42-294.el7_6.noarch.rpmLinux
(RHSA-2019:0109) perl security update perl-Package-Constants-0.02-294.el7_6.noarch.rpmLinux
(RHSA-2019:0109) perl security update perl-Pod-Escapes-1.04-294.el7_6.noarch.rpmLinux
(RHSA-2019:0109) perl security update perl-Time-Piece-1.20.1-294.el7_6.x86_64.rpmLinux
(RHSA-2019:0109) perl security update perl-core-5.16.3-294.el7_6.x86_64.rpmLinux
(RHSA-2019:0109) perl security update perl-devel-5.16.3-294.el7_6.i686.rpmLinux
(RHSA-2019:0109) perl security update perl-devel-5.16.3-294.el7_6.x86_64.rpmLinux
(RHSA-2019:0109) perl security update perl-libs-5.16.3-294.el7_6.i686.rpmLinux
(RHSA-2019:0109) perl security update perl-libs-5.16.3-294.el7_6.x86_64.rpmLinux
(RHSA-2019:0109) perl security update perl-macros-5.16.3-294.el7_6.x86_64.rpmLinux
(RHSA-2019:0109) perl security update perl-tests-5.16.3-294.el7_6.x86_64.rpmLinux
(RHSA-2019:2400) perl security update perl-Perl4-CoreLibs-0.001-291.el7_3.1.noarch.rpmLinux
Perl update (ELSA-2019-0109) perl-5.16.3-294.el7_6.x86_64.rpmLinux
Perl-core update (ELSA-2019-0109) perl-core-5.16.3-294.el7_6.x86_64.rpmLinux
Perl-devel update (ELSA-2019-0109) perl-devel-5.16.3-294.el7_6.x86_64.rpmLinux
Perl-libs update (ELSA-2019-0109) perl-libs-5.16.3-294.el7_6.x86_64.rpmLinux
Perl-macros update (ELSA-2019-0109) perl-macros-5.16.3-294.el7_6.x86_64.rpmLinux
Perl-tests update (ELSA-2019-0109) perl-tests-5.16.3-294.el7_6.x86_64.rpmLinux
Perl-Time-Piece update (ELSA-2019-0109) perl-Time-Piece-1.20.1-294.el7_6.x86_64.rpmLinux
Perl-CPAN update (ELSA-2019-0109) perl-CPAN-1.9800-294.el7_6.noarch.rpmLinux
Perl-ExtUtils-CBuilder update (ELSA-2019-0109) perl-ExtUtils-CBuilder-0.28.2.6-294.el7_6.noarch.rpmLinux
Perl-ExtUtils-Embed update (ELSA-2019-0109) perl-ExtUtils-Embed-1.30-294.el7_6.noarch.rpmLinux
Perl-ExtUtils-Install update (ELSA-2019-0109) perl-ExtUtils-Install-1.58-294.el7_6.noarch.rpmLinux
Perl-IO-Zlib update (ELSA-2019-0109) perl-IO-Zlib-1.10-294.el7_6.noarch.rpmLinux
Perl-Locale-Maketext-Simple update (ELSA-2019-0109) perl-Locale-Maketext-Simple-0.21-294.el7_6.noarch.rpmLinux
Perl-Module-CoreList update (ELSA-2019-0109) perl-Module-CoreList-2.76.02-294.el7_6.noarch.rpmLinux
Perl-Module-Loaded update (ELSA-2019-0109) perl-Module-Loaded-0.08-294.el7_6.noarch.rpmLinux
Perl-Object-Accessor update (ELSA-2019-0109) perl-Object-Accessor-0.42-294.el7_6.noarch.rpmLinux
Perl-Package-Constants update (ELSA-2019-0109) perl-Package-Constants-0.02-294.el7_6.noarch.rpmLinux
Perl-Pod-Escapes update (ELSA-2019-0109) perl-Pod-Escapes-1.04-294.el7_6.noarch.rpmLinux
Perl-devel update (ELSA-2019-0109) perl-devel-5.16.3-294.el7_6.i686.rpmLinux
Perl-libs update (ELSA-2019-0109) perl-libs-5.16.3-294.el7_6.i686.rpmLinux
SUSE-SU-2019:2264-1(SUSE Linux Enterprise Server 12-SP5) perl-5.18.2-12.20.1.x86_64.rpmLinux
SUSE-SU-2019:2264-1(SUSE Linux Enterprise Server 12-SP5) perl-32bit-5.18.2-12.20.1.x86_64.rpmLinux
SUSE-SU-2019:2264-1(SUSE Linux Enterprise Server 12-SP5) perl-base-5.18.2-12.20.1.x86_64.rpmLinux
SUSE-SU-2019:2264-1(SUSE Linux Enterprise Server 12-SP5) perl-base-debuginfo-5.18.2-12.20.1.x86_64.rpmLinux
SUSE-SU-2019:2264-1(SUSE Linux Enterprise Server 12-SP5) perl-debuginfo-5.18.2-12.20.1.x86_64.rpmLinux
SUSE-SU-2019:2264-1(SUSE Linux Enterprise Server 12-SP5) perl-debuginfo-32bit-5.18.2-12.20.1.x86_64.rpmLinux
SUSE-SU-2019:2264-1(SUSE Linux Enterprise Server 12-SP5) perl-debugsource-5.18.2-12.20.1.x86_64.rpmLinux
SUSE-SU-2019:2264-1(SUSE Linux Enterprise Server 12-SP5) perl-doc-5.18.2-12.20.1.noarch.rpmLinux
Out-of-bounds Write Vulnerability (CVE-2018-18311)NCM

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-602004macOS Mojave 10.14.6
PATCH-602005macOS Mojave 10.14.6 Combo Update

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234