regcomp.c in Perl before 5.30.3 allows a buffer overflow via a crafted regular expression because of recursive S_study_chunk calls.
Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12723
Reference (s):
- https://github.com/Perl/perl5/blob/blead/pod/perl5303delta.pod
- URL: https://github.com/Perl/perl5/blob/blead/pod/perl5303delta.pod
- https://github.com/Perl/perl5/compare/v5.30.2 v5.30.3
- URL: https://github.com/Perl/perl5/compare/v5.30.2 v5.30.3
- https://github.com/perl/perl5/commit/66bbb51b93253a3f87d11c2695cfb7bdb782184a