VDB
CVE-2022-48522
CVE-2022-48522
PUBLISHED
Es besteht eine Schwachstelle in Perl. Dieser Fehler besteht in der Funktion S_find_uninit_var in sv.c aufgrund eines Stack-basierten Absturzes. Ein Angreifer kann diese Schwachstelle ausnutzen, um seine Privilegien zu erweitern oder beliebigen Code auszuführen.
EPSS 17.32% · 95.2th percentile
Risk Scores
EPSS Score
17.32%
95.2th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu | Ubuntu Linux | |
| Open Source | Open Source Perl <= 5.34.0 | |
| IGEL | IGEL OS < 11.09.160 |
Exploit Intelligence
- https://github.com/Perl/perl5/blob/79a7b254d85a10b65126ad99bf10e70480569d68/sv.c#L16336-L16345 (vulncheck-nvd)
- CVE-2025-38062.yara (github-yara)
- CVE-2025-38062.yara (github-yara)
- CVE-2025-38062.yara (github-yara)
- CVE-2025-38062.yara (github-yara)
- CVE-2025-38062.yara (github-yara)
- CVE-2025-38062.yara (github-yara)
- TestCommand.yaml (github-poc)
- TestCommand.yaml (github-poc)
- TestCommand.yaml (github-poc)
…and 3 more exploits
Timeline
- Aug 22, 2023 CVE Published
- Aug 23, 2023 EPSS Score
- Sep 25, 2023 EPSS Score
- Nov 30, 2023 EPSS Score
- Jan 3, 2024 EPSS Score
- Mar 9, 2024 EPSS Score
- Apr 11, 2024 EPSS Score
- May 14, 2024 EPSS Score
- Jul 19, 2024 EPSS Score
- Aug 22, 2024 EPSS Score
- Oct 3, 2024 CVE Updated
- Oct 27, 2024 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2113.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2113 advisory
- https://github.com/advisories/GHSA-96cv-gp7m-9r39 advisory
- https://ubuntu.com/security/notices/USN-6517-1 advisory
- https://kb.igel.com/securitysafety/en/isn-2023-34-perl-vulnerabilities-108345317.html advisory