Description
The (1) S_reghop3, (2) S_reghop4, and (3) S_reghopmaybe3 functions in regexec.c in Perl before 5.24.0 allow context-dependent attackers to cause a denial of service (infinite loop) via crafted utf-8 data, as demonstrated by "a\x80."
Remediation
References
Related Vulnerabilities
Envoy Proxy CVE-2024-23324 Vulnerability (CVE-2024-23324)
WordPress Plugin Yasr-Yet Another Stars Rating PHP Object Injection (1.8.6)
WordPress Plugin Google Authenticator Unspecified Vulnerability (0.47)
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-0217)
MediaWiki Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2021-31556)