{"id":"CVE-2022-48522","details":"In Perl 5.34.0, function S_find_uninit_var in sv.c has a stack-based crash that can lead to remote code execution or local privilege escalation.","modified":"2026-04-10T04:53:37.042647Z","published":"2023-08-22T19:16:31.153Z","references":[{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20230915-0008/"},{"type":"EVIDENCE","url":"https://github.com/Perl/perl5/blob/79a7b254d85a10b65126ad99bf10e70480569d68/sv.c#L16336-L16345"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/perl/perl5","events":[{"introduced":"0"},{"last_affected":"79a7b254d85a10b65126ad99bf10e70480569d68"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"5.34.0-NA"}]}}],"versions":["GitLive-blead","if-0.0603","if-0.0604","if-0.0605","perl-1.0","perl-2.0","perl-3.000","perl-3.044","perl-4.0.00","perl-4.0.36","perl-5.000","perl-5.000o","perl-5.001","perl-5.001n","perl-5.002","perl-5.002_01","perl-5.003","perl-5.005","perl-5.6.0","perl-5.7.0","perl-5.7.1","perl-5.7.2","perl-5.7.3","perl-5.8.0","perl-5.9.0","perl-5.9.1","perl-5.9.2","perl-5.9.3","perl-5.9.4","perl-5.9.5","perl-5a2","perl-5a9","v5.10.0","v5.11.0","v5.11.1","v5.11.3","v5.11.4","v5.11.5","v5.12.0","v5.12.0-RC0","v5.12.0-RC1","v5.12.0-RC2","v5.12.0-RC3","v5.12.0-RC4","v5.12.0-RC5","v5.13.0","v5.13.1","v5.13.10","v5.13.11","v5.13.2","v5.13.3","v5.13.4","v5.13.5","v5.13.6","v5.13.7","v5.13.8","v5.13.9","v5.14.0","v5.14.0-RC1","v5.14.0-RC2","v5.14.0-RC3","v5.15.0","v5.15.1","v5.15.2","v5.15.3","v5.15.4","v5.15.5","v5.15.9","v5.16.0","v5.16.0-RC1","v5.16.0-RC2","v5.17.0","v5.17.2","v5.17.4","v5.17.6","v5.17.7","v5.17.7.0","v5.17.8","v5.17.9","v5.18.0","v5.18.0-RC1","v5.18.0-RC2","v5.18.0-RC3","v5.18.0-RC4","v5.19.0","v5.19.1","v5.19.11","v5.19.2","v5.19.3","v5.19.5","v5.19.7","v5.20.0","v5.20.0-RC1","v5.21.0","v5.21.1","v5.21.10","v5.21.11","v5.21.4","v5.21.5","v5.21.6","v5.21.8","v5.21.9","v5.22.0","v5.22.0-RC1","v5.22.0-RC2","v5.23.0","v5.23.1","v5.23.2","v5.23.3","v5.23.4","v5.23.6","v5.23.7","v5.24.0","v5.24.0-RC1","v5.24.0-RC2","v5.24.0-RC3","v5.24.0-RC4","v5.24.0-RC5","v5.25.0","v5.25.11","v5.25.2","v5.25.3","v5.25.4","v5.25.5","v5.25.7","v5.25.9","v5.26.0","v5.26.0-RC2","v5.27.0","v5.27.10","v5.27.11","v5.27.3","v5.27.5","v5.27.6","v5.27.7","v5.27.8","v5.28.0","v5.28.0-RC1","v5.28.0-RC2","v5.28.0-RC3","v5.28.0-RC4","v5.29.0","v5.29.1","v5.29.10","v5.29.5","v5.29.6","v5.29.7","v5.29.8","v5.29.9","v5.30.0","v5.30.0-RC1","v5.30.0-RC2","v5.31.0","v5.31.1","v5.31.11","v5.31.2","v5.31.3","v5.31.4","v5.31.5","v5.31.7","v5.32.0","v5.32.0-RC1","v5.33.0","v5.33.1","v5.33.2","v5.33.3","v5.33.4","v5.33.7","v5.33.8","v5.33.9","v5.34.0","v5.34.0-RC1","v5.34.0-RC2"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-48522.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}