products / perl

Perl

Perl 5 remains embedded in ops tooling, legacy web stacks, and enterprise glue code. NVD tracks cpe:2.3:a:perl:perl with a very long tail of historical CVEs alongside modern regex-engine fixes.

api usage

Querying Perl

product slugperl

version format5.36.0, 5.40.0, semver

bash

curl "https://api.attestd.io/v1/check?product=perl&version=5.36.0" \
  -H "Authorization: Bearer $ATTESTD_KEY"

json

{
  "product": "perl",
  "version": "5.36.0",
  "supported": true,
  "risk_state": "high",
  "risk_factors": [
    "memory_corruption",
    "patch_available",
    "internet_exposed_service"
  ],
  "actively_exploited": false,
  "remote_exploitable": true,
  "authentication_required": false,
  "patch_available": true,
  "fixed_version": "5.36.3",
  "confidence": 0.74,
  "cve_ids": ["CVE-2023-47038", "CVE-2023-47039"],
  "last_updated": "2026-05-13T18:00:00Z",
  "supply_chain": null
}

safe version

bash

curl "https://api.attestd.io/v1/check?product=perl&version=5.40.0" \
  -H "Authorization: Bearer $ATTESTD_KEY"

notable cves

CVE history

CVE	Description	CVSS
`CVE-2023-47038`	Write past buffer end via crafted regular expression.	7.0
`CVE-2023-47039`	Unicode property regex handling issue (memory safety class).	7.8

All products Ruby Python Response Field Reference