CVE-2023-47100
Perl Buffer Overflow Vulnerability
Description
Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: CVE-2023-47038. Reason: This record is a duplicate of CVE-2023-47038. Notes: All CVE users should reference CVE-2023-47038 instead of this record. All references and descriptions in this record have been removed to prevent accidental usage.
INFO
Published Date :
Dec. 2, 2023, 11:15 p.m.
Last Modified :
Oct. 7, 2025, 6:15 p.m.
Remotely Exploit :
Yes !
Source :
[email protected]
CVSS Scores
Score | Version | Severity | Vector | Exploitability Score | Impact Score | Source |
---|---|---|---|---|---|---|
CVSS 3.1 | CRITICAL | [email protected] | ||||
CVSS 3.1 | CRITICAL | 134c704f-9b21-4f2e-91b3-4a467353bcc0 |
Solution
- Update the Perl packages to a version greater than 5.38.2.
- If updated packages are unavailable, consult the vendor for more information.
We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).
Results are limited to the first 15 repositories due to potential performance issues.
The following list is the news that have been mention
CVE-2023-47100
vulnerability anywhere in the article.

-
Daily CyberSecurity
CVE-2025-40909: Perl Threads Vulnerability Exposes File Operation Race Condition
A newly disclosed vulnerability in Perl’s threading mechanism, tracked as CVE-2025-40909, exposes systems to race conditions involving the working directory, potentially enabling local attackers to ma ... Read more

-
Daily CyberSecurity
Outlaw Botnet Exploits Weak SSH to Hijack Linux Systems for Crypto Mining
While high-profile ransomware and state-backed APT groups often dominate headlines, it’s crucial not to overlook quieter yet persistent threats. One such threat is Outlaw (also known as “Dota”), a Per ... Read more

-
Daily CyberSecurity
CVE-2024-56406: Heap Overflow Vulnerability in Perl Threatens Denial of Service and Potential Code Execution
Perl, a versatile programming language widely used for various tasks like system administration and web development, has been found to contain a security vulnerability. A recently discovered heap buff ... Read more

-
Cybersecurity News
Critical CVE-2024-45321 Flaw in Popular Perl Module Installer cpanminus, No Patch Available
In a significant security advisory, the Perl community has been alerted to a critical vulnerability, CVE-2024-45321, affecting the widely-used App::cpanminus (cpanm) tool. Rated with a CVSS score of 9 ... Read more
The following table lists the changes that have been made to the
CVE-2023-47100
vulnerability over time.
Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.
-
CVE Modified by [email protected]
Oct. 07, 2025
Action Type Old Value New Value Changed Description In Perl before 5.38.2, S_parse_uniprop_string in regcomp.c can write to unallocated space because a property name associated with a \p{...} regular expression construct is mishandled. The earliest affected version is 5.30.0. Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: CVE-2023-47038. Reason: This record is a duplicate of CVE-2023-47038. Notes: All CVE users should reference CVE-2023-47038 instead of this record. All references and descriptions in this record have been removed to prevent accidental usage. Removed CVSS V3.1 NIST: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Removed CVSS V3.1 CISA-ADP: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Removed CWE NIST: CWE-755 Removed CWE CISA-ADP: CWE-755 Removed CPE Configuration OR *cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:* versions from (including) 5.30.0 up to (excluding) 5.38.2 Removed Reference MITRE: https://github.com/Perl/perl5/commit/12c313ce49b36160a7ca2e9b07ad5bd92ee4a010 Removed Reference MITRE: https://github.com/Perl/perl5/commit/7047915eef37fccd93e7cd985c29fe6be54650b6 Removed Reference MITRE: https://github.com/Perl/perl5/commit/ff1f9f59360afeebd6f75ca1502f5c3ebf077da3 Removed Reference CVE: https://github.com/Perl/perl5/commit/12c313ce49b36160a7ca2e9b07ad5bd92ee4a010 Removed Reference CVE: https://github.com/Perl/perl5/commit/7047915eef37fccd93e7cd985c29fe6be54650b6 Removed Reference CVE: https://github.com/Perl/perl5/commit/ff1f9f59360afeebd6f75ca1502f5c3ebf077da3 Removed Reference Type MITRE: https://github.com/Perl/perl5/commit/ff1f9f59360afeebd6f75ca1502f5c3ebf077da3 Types: Patch Removed Reference Type CVE: https://github.com/Perl/perl5/commit/ff1f9f59360afeebd6f75ca1502f5c3ebf077da3 Types: Patch -
CVE Rejected by [email protected]
Oct. 07, 2025
Action Type Old Value New Value -
CVE Modified by 134c704f-9b21-4f2e-91b3-4a467353bcc0
Jun. 30, 2025
Action Type Old Value New Value Added CVSS V3.1 AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Added CWE CWE-755 -
CVE Modified by af854a3a-2127-422b-91ae-364da2661108
Nov. 21, 2024
Action Type Old Value New Value Added Reference https://github.com/Perl/perl5/commit/12c313ce49b36160a7ca2e9b07ad5bd92ee4a010 Added Reference https://github.com/Perl/perl5/commit/7047915eef37fccd93e7cd985c29fe6be54650b6 Added Reference https://github.com/Perl/perl5/commit/ff1f9f59360afeebd6f75ca1502f5c3ebf077da3 -
CVE Modified by [email protected]
May. 14, 2024
Action Type Old Value New Value -
CVE Modified by [email protected]
Dec. 14, 2023
Action Type Old Value New Value Added Reference MITRE https://github.com/Perl/perl5/commit/7047915eef37fccd93e7cd985c29fe6be54650b6 [No types assigned] Added Reference MITRE https://github.com/Perl/perl5/commit/12c313ce49b36160a7ca2e9b07ad5bd92ee4a010 [No types assigned] -
Initial Analysis by [email protected]
Dec. 08, 2023
Action Type Old Value New Value Added CVSS V3.1 NIST AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Changed Reference Type https://github.com/Perl/perl5/commit/ff1f9f59360afeebd6f75ca1502f5c3ebf077da3 No Types Assigned https://github.com/Perl/perl5/commit/ff1f9f59360afeebd6f75ca1502f5c3ebf077da3 Patch Added CWE NIST CWE-755 Added CPE Configuration OR *cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:* versions from (including) 5.30.0 up to (excluding) 5.38.2 -
CVE Modified by [email protected]
Dec. 03, 2023
Action Type Old Value New Value Changed Description In Perl before 5.38.2, S_parse_uniprop_string in regcomp.c can write to unallocated space because a property name associated with a \p{...} regular expression construct is mishandled. The earlies affected version is 5.30.0. In Perl before 5.38.2, S_parse_uniprop_string in regcomp.c can write to unallocated space because a property name associated with a \p{...} regular expression construct is mishandled. The earliest affected version is 5.30.0. -
CVE Received by [email protected]
Dec. 02, 2023
Action Type Old Value New Value Added Description In Perl before 5.38.2, S_parse_uniprop_string in regcomp.c can write to unallocated space because a property name associated with a \p{...} regular expression construct is mishandled. The earlies affected version is 5.30.0. Added Reference MITRE https://github.com/Perl/perl5/commit/ff1f9f59360afeebd6f75ca1502f5c3ebf077da3 [No types assigned]
Vulnerability Scoring Details
Base CVSS Score: 9.8
Exploit Prediction
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days.
0.08 }} 0.00%
score
0.25051
percentile