CVE-2009-3626
EPSS 1.3%
Description
Perl 5.10.1 allows context-dependent attackers to cause a denial of service (application crash) via a UTF-8 character with a large, invalid codepoint, which is not properly handled during a regular-expression match.
How to fix CVE-2009-3626
To remediate CVE-2009-3626, upgrade the affected package to a fixed version below.
- Debian/perl—upgrade to 5.10.1-6 or later
Is CVE-2009-3626 being exploited?
Low — EPSS is 1.3%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 5.10.1-6