Description
Off-by-one error in the decode_xs function in Unicode/Unicode.xs in the Encode module before 2.44, as used in Perl before 5.15.6, might allow context-dependent attackers to cause a denial of service (memory corruption) via a crafted Unicode string, which triggers a heap-based buffer overflow.
Remediation
References
Related Vulnerabilities
Drupal Core 7.x Multiple Cross-Site Scripting Vulnerabilities (7.0 - 7.85)
WordPress Plugin WP-Live Chat by 3CX Arbitrary File Upload (8.0.31)
WordPress Plugin Events Manager CSV Injection (5.9.7.1)
SharePoint CVE-2021-34517 Vulnerability (CVE-2021-34517)
WordPress Plugin WP Job Manager PHP Object Injection (1.31.2)