VULNERABILITY

Amazon Linux 2023: CVE-2023-47100: Medium priority package update for perl

Try Surface Command Get a continuous 360° view of your attack surface

Back to Search

Amazon Linux 2023: CVE-2023-47100: Medium priority package update for perl

Severity

CVSS

(AV:N/AC:L/Au:N/C:N/I:N/A:N)

Published

12/03/2023

Created

02/14/2025

Added

02/17/2025

Modified

02/17/2025

Description

In Perl before 5.38.2, S_parse_uniprop_string in regcomp.c can write to unallocated space because a property name associated with a \p{...} regular expression construct is mishandled. The earliest affected version is 5.30.0. A flaw was found in Perl due to improper handling of the property name by the S_parse_uniprop_string function in regcomp.c. This issue could allow an attacker to to bypass security restrictions and use a specially crafted regular expression input to write to unallocated space.

Solution(s)

amazon-linux-2023-upgrade-perl
amazon-linux-2023-upgrade-perl-attribute-handlers
amazon-linux-2023-upgrade-perl-autoloader
amazon-linux-2023-upgrade-perl-autosplit
amazon-linux-2023-upgrade-perl-autouse
amazon-linux-2023-upgrade-perl-b
amazon-linux-2023-upgrade-perl-base
amazon-linux-2023-upgrade-perl-b-debuginfo
amazon-linux-2023-upgrade-perl-benchmark
amazon-linux-2023-upgrade-perl-blib
amazon-linux-2023-upgrade-perl-class-struct
amazon-linux-2023-upgrade-perl-config-extensions
amazon-linux-2023-upgrade-perl-dbm-filter
amazon-linux-2023-upgrade-perl-debugger
amazon-linux-2023-upgrade-perl-debuginfo
amazon-linux-2023-upgrade-perl-debugsource
amazon-linux-2023-upgrade-perl-deprecate
amazon-linux-2023-upgrade-perl-devel
amazon-linux-2023-upgrade-perl-devel-peek
amazon-linux-2023-upgrade-perl-devel-peek-debuginfo
amazon-linux-2023-upgrade-perl-devel-selfstubber
amazon-linux-2023-upgrade-perl-diagnostics
amazon-linux-2023-upgrade-perl-dirhandle
amazon-linux-2023-upgrade-perl-doc
amazon-linux-2023-upgrade-perl-dumpvalue
amazon-linux-2023-upgrade-perl-dynaloader
amazon-linux-2023-upgrade-perl-encoding-warnings
amazon-linux-2023-upgrade-perl-english
amazon-linux-2023-upgrade-perl-errno
amazon-linux-2023-upgrade-perl-extutils-constant
amazon-linux-2023-upgrade-perl-extutils-embed
amazon-linux-2023-upgrade-perl-extutils-miniperl
amazon-linux-2023-upgrade-perl-fcntl
amazon-linux-2023-upgrade-perl-fcntl-debuginfo
amazon-linux-2023-upgrade-perl-fields
amazon-linux-2023-upgrade-perl-file-basename
amazon-linux-2023-upgrade-perl-filecache
amazon-linux-2023-upgrade-perl-file-compare
amazon-linux-2023-upgrade-perl-file-copy
amazon-linux-2023-upgrade-perl-file-dosglob
amazon-linux-2023-upgrade-perl-file-dosglob-debuginfo
amazon-linux-2023-upgrade-perl-file-find
amazon-linux-2023-upgrade-perl-filehandle
amazon-linux-2023-upgrade-perl-file-stat
amazon-linux-2023-upgrade-perl-filetest
amazon-linux-2023-upgrade-perl-findbin
amazon-linux-2023-upgrade-perl-gdbm-file
amazon-linux-2023-upgrade-perl-gdbm-file-debuginfo
amazon-linux-2023-upgrade-perl-getopt-std
amazon-linux-2023-upgrade-perl-hash-util
amazon-linux-2023-upgrade-perl-hash-util-debuginfo
amazon-linux-2023-upgrade-perl-hash-util-fieldhash
amazon-linux-2023-upgrade-perl-hash-util-fieldhash-debuginfo
amazon-linux-2023-upgrade-perl-i18n-collate
amazon-linux-2023-upgrade-perl-i18n-langinfo
amazon-linux-2023-upgrade-perl-i18n-langinfo-debuginfo
amazon-linux-2023-upgrade-perl-i18n-langtags
amazon-linux-2023-upgrade-perl-if
amazon-linux-2023-upgrade-perl-interpreter
amazon-linux-2023-upgrade-perl-interpreter-debuginfo
amazon-linux-2023-upgrade-perl-io
amazon-linux-2023-upgrade-perl-io-debuginfo
amazon-linux-2023-upgrade-perl-ipc-open3
amazon-linux-2023-upgrade-perl-less
amazon-linux-2023-upgrade-perl-lib
amazon-linux-2023-upgrade-perl-libnetcfg
amazon-linux-2023-upgrade-perl-libs
amazon-linux-2023-upgrade-perl-libs-debuginfo
amazon-linux-2023-upgrade-perl-locale
amazon-linux-2023-upgrade-perl-locale-maketext-simple
amazon-linux-2023-upgrade-perl-macros
amazon-linux-2023-upgrade-perl-math-complex
amazon-linux-2023-upgrade-perl-memoize
amazon-linux-2023-upgrade-perl-meta-notation
amazon-linux-2023-upgrade-perl-module-loaded
amazon-linux-2023-upgrade-perl-mro
amazon-linux-2023-upgrade-perl-mro-debuginfo
amazon-linux-2023-upgrade-perl-ndbm-file
amazon-linux-2023-upgrade-perl-ndbm-file-debuginfo
amazon-linux-2023-upgrade-perl-net
amazon-linux-2023-upgrade-perl-next
amazon-linux-2023-upgrade-perl-odbm-file
amazon-linux-2023-upgrade-perl-odbm-file-debuginfo
amazon-linux-2023-upgrade-perl-opcode
amazon-linux-2023-upgrade-perl-opcode-debuginfo
amazon-linux-2023-upgrade-perl-open
amazon-linux-2023-upgrade-perl-overload
amazon-linux-2023-upgrade-perl-overloading
amazon-linux-2023-upgrade-perl-ph
amazon-linux-2023-upgrade-perl-pod-functions
amazon-linux-2023-upgrade-perl-pod-html
amazon-linux-2023-upgrade-perl-posix
amazon-linux-2023-upgrade-perl-posix-debuginfo
amazon-linux-2023-upgrade-perl-safe
amazon-linux-2023-upgrade-perl-search-dict
amazon-linux-2023-upgrade-perl-selectsaver
amazon-linux-2023-upgrade-perl-selfloader
amazon-linux-2023-upgrade-perl-sigtrap
amazon-linux-2023-upgrade-perl-sort
amazon-linux-2023-upgrade-perl-subs
amazon-linux-2023-upgrade-perl-symbol
amazon-linux-2023-upgrade-perl-sys-hostname
amazon-linux-2023-upgrade-perl-sys-hostname-debuginfo
amazon-linux-2023-upgrade-perl-term-complete
amazon-linux-2023-upgrade-perl-term-readline
amazon-linux-2023-upgrade-perl-test
amazon-linux-2023-upgrade-perl-tests
amazon-linux-2023-upgrade-perl-text-abbrev
amazon-linux-2023-upgrade-perl-thread
amazon-linux-2023-upgrade-perl-thread-semaphore
amazon-linux-2023-upgrade-perl-tie
amazon-linux-2023-upgrade-perl-tie-file
amazon-linux-2023-upgrade-perl-tie-memoize
amazon-linux-2023-upgrade-perl-time
amazon-linux-2023-upgrade-perl-time-piece
amazon-linux-2023-upgrade-perl-time-piece-debuginfo
amazon-linux-2023-upgrade-perl-unicode-ucd
amazon-linux-2023-upgrade-perl-user-pwent
amazon-linux-2023-upgrade-perl-utils
amazon-linux-2023-upgrade-perl-vars
amazon-linux-2023-upgrade-perl-vmsish

References

Advanced vulnerability management analytics and reporting.

Key Features

Lightweight Endpoint Agent
Live Dashboards
Real Risk Prioritization
IT-Integrated Remediation Projects
Cloud, Virtual, and Container Assessment
Integrated Threat Feeds
Easy-to-Use RESTful API
Automation-Assisted Patching
Automated Containment

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;

VULNERABILITY

Amazon Linux 2023: CVE-2023-47100: Medium priority package update for perl

Amazon Linux 2023: CVE-2023-47100: Medium priority package update for perl

Description

Solution(s)

References

Submit your information and we will get in touch with you.

Thank you for contacting us.

We will be in touch shortly.