Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

CVE-2018-18311

UNKNOWN
Published 2018-12-07T21:00:00
Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2018-18311. We'll provide specific mitigation strategies based on your environment and risk profile.

No CVSS data available

Description

Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

⚠ Unreviewed CRITICAL

GHSA-qr73-9894-ffxf

Advisory Details

Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.

CVSS Scoring

CVSS Score

9.0

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2018-18311
WEB https://github.com/Perl/perl5/commit/34716e2a6ee2af96078d62b065b7785c001194be
WEB https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
WEB https://www.oracle.com/security-alerts/cpujul2020.html
WEB https://www.oracle.com/security-alerts/cpuapr2020.html
WEB https://www.debian.org/security/2018/dsa-4347
WEB https://usn.ubuntu.com/3834-2
WEB https://usn.ubuntu.com/3834-1
WEB https://support.apple.com/kb/HT209600
WEB https://security.netapp.com/advisory/ntap-20190221-0003
WEB https://security.gentoo.org/glsa/201909-01
WEB https://seclists.org/bugtraq/2019/Mar/42
WEB https://rt.perl.org/Ticket/Display.html?id=133204
WEB https://metacpan.org/changes/release/SHAY/perl-5.28.1
WEB https://metacpan.org/changes/release/SHAY/perl-5.26.3
WEB https://lists.fedoraproject.org/archives/list/[email protected]/message/RWQGEB543QN7SSBRKYJM6PSOC3RLYGSM
WEB https://lists.debian.org/debian-lts-announce/2018/11/msg00039.html
WEB https://kc.mcafee.com/corporate/index?page=content&id=SB10278
WEB https://bugzilla.redhat.com/show_bug.cgi?id=1646730
WEB https://access.redhat.com/errata/RHSA-2019:2400
WEB https://access.redhat.com/errata/RHSA-2019:1942
WEB https://access.redhat.com/errata/RHSA-2019:1790
WEB https://access.redhat.com/errata/RHSA-2019:0109
WEB https://access.redhat.com/errata/RHSA-2019:0010
WEB https://access.redhat.com/errata/RHSA-2019:0001
WEB https://access.redhat.com/errata/RHBA-2019:0327
WEB http://seclists.org/fulldisclosure/2019/Mar/49
WEB http://www.securityfocus.com/bid/106145
WEB http://www.securitytracker.com/id/1042181

Advisory provided by GitHub Security Advisory Database. Published: May 13, 2022, Modified: May 13, 2022

References

https://lists.debian.org/debian-lts-announce/2018/11/msg00039.html
https://www.debian.org/security/2018/dsa-4347
http://www.securityfocus.com/bid/106145
http://www.securitytracker.com/id/1042181
https://access.redhat.com/errata/RHSA-2019:0010
https://usn.ubuntu.com/3834-2/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RWQGEB543QN7SSBRKYJM6PSOC3RLYGSM/
https://access.redhat.com/errata/RHSA-2019:0001
https://access.redhat.com/errata/RHSA-2019:0109
https://usn.ubuntu.com/3834-1/
https://seclists.org/bugtraq/2019/Mar/42
http://seclists.org/fulldisclosure/2019/Mar/49
https://access.redhat.com/errata/RHBA-2019:0327
https://access.redhat.com/errata/RHSA-2019:1790
https://access.redhat.com/errata/RHSA-2019:1942
https://access.redhat.com/errata/RHSA-2019:2400
https://security.gentoo.org/glsa/201909-01
https://www.oracle.com/security-alerts/cpuapr2020.html
https://www.oracle.com/security-alerts/cpujul2020.html
https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
https://support.apple.com/kb/HT209600
https://bugzilla.redhat.com/show_bug.cgi?id=1646730
https://security.netapp.com/advisory/ntap-20190221-0003/
https://metacpan.org/changes/release/SHAY/perl-5.26.3
https://metacpan.org/changes/release/SHAY/perl-5.28.1
https://rt.perl.org/Ticket/Display.html?id=133204
https://github.com/Perl/perl5/commit/34716e2a6ee2af96078d62b065b7785c001194be
https://kc.mcafee.com/corporate/index?page=content&id=SB10278

HackerOne Reports

Container scanning and Dependency scanning report leaked to unauthorized users Medium
xanbanx
GitLab
Improper Access Control - Generic
View Report
Integer overflow leading to buffer overflow Critical
jkrshnmenon
Internet Bug Bounty
Integer Overflow
View Report
Published: 2018-12-07T21:00:00
Last Modified: 2024-08-05T11:08:21.612Z
Copied to clipboard!