Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Perl is vulnerable to a heap buffer overflow when transliterating non-ASCII bytes
Vulnerability Description
A heap buffer overflow vulnerability was discovered in Perl. Release branches 5.34, 5.36, 5.38 and 5.40 are affected, including development versions from 5.33.1 through 5.41.10. When there are non-ASCII bytes in the left-hand-side of the `tr` operator, `S_do_trans_invmap` can overflow the destination pointer `d`. $ perl -e '$_ = "\x{FF}" x 1000000; tr/\xFF/\x{100}/;' Segmentation fault (core dumped) It is believed that this vulnerability can enable Denial of Service and possibly Code Execution attacks on platforms that lack sufficient defenses.
CVSS Information
N/A
Vulnerability Type
堆缓冲区溢出
Vulnerability Title
Perl 安全漏洞
Vulnerability Description
Perl是PERL社区的一款通用、解释型、动态的跨平台编程语言。 Perl存在安全漏洞,该漏洞源于堆缓冲区溢出,可能导致拒绝服务或代码执行。
CVSS Information
N/A
Vulnerability Type
N/A