Home

CVE-2018-18314

Description

Perl before 5.26.3 has a buffer overflow via a crafted regular expression that triggers invalid write operations.

Risk Information

Base Score
9.8
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
5.205

Associated Vulnerability

VulnerabilityOS Platform
Multiple Vulnerabilities are affected in Netapp Snapcenter -Windows
Practical Extraction and Report Language (USN-3684-1) perl_5.18.2-2ubuntu1.7_amd64.debLinux
Practical Extraction and Report Language (USN-3684-1) perl_5.18.2-2ubuntu1.7_i386.debLinux
Practical Extraction and Report Language (USN-3684-1) perl_5.22.1-9ubuntu0.6_amd64.debLinux
Practical Extraction and Report Language (USN-3684-1) perl_5.22.1-9ubuntu0.6_i386.debLinux
Practical Extraction and Report Language (USN-3684-1) perl_5.26.1-6ubuntu0.3_amd64.debLinux
Practical Extraction and Report Language (USN-3684-1) perl_5.26.1-6ubuntu0.3_i386.debLinux
Practical Extraction and Report Language (USN-3834-1) perl_5.18.2-2ubuntu1.7_i386.debLinux
Practical Extraction and Report Language (USN-3834-1) perl_5.18.2-2ubuntu1.7_amd64.debLinux
Practical Extraction and Report Language (USN-3834-1) perl_5.22.1-9ubuntu0.6_i386.debLinux
Practical Extraction and Report Language (USN-3834-1) perl_5.22.1-9ubuntu0.6_amd64.debLinux
Practical Extraction and Report Language (USN-3834-1) perl_5.26.1-6ubuntu0.3_i386.debLinux
Practical Extraction and Report Language (USN-3834-1) perl_5.26.1-6ubuntu0.3_amd64.debLinux
Practical Extraction and Report Language (USN-3834-1) perl_5.26.2-7ubuntu0.1_i386.debLinux
Practical Extraction and Report Language (USN-3834-1) perl_5.26.2-7ubuntu0.1_amd64.debLinux
perl security update(DSA-4226-1) perl_5.24.1-3+deb9u5_i386.debLinux
perl security update(DSA-4226-1) perl_5.24.1-3+deb9u5_amd64.debLinux
Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2018-18314)NCM

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234