CVE-2022-48522
CRITICALPerl 5.34.0 - Out-of-bounds Write in S_find_uninit_var
Title source: llmDescription
In Perl 5.34.0, function S_find_uninit_var in sv.c has a stack-based crash that can lead to remote code execution or local privilege escalation.
References (2)
Core 2
Core References
Exploit
https://github.com/Perl/perl5/blob/79a7b254d85a10b65126ad99bf10e70480569d68/sv.c#L16336-L16345
Vendor Advisory
https://security.netapp.com/advisory/ntap-20230915-0008/
Scores
CVSS v3
9.8
EPSS
0.0205
EPSS Percentile
78.8%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
yes
Technical Impact
total
Details
CWE
CWE-787
Status
published
Products (1)
perl/perl
5.34.0
Published
Aug 22, 2023
Tracked Since
Feb 18, 2026