Perl before 5.26.3 and 5.28.0 before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations. https://nvd.nist.gov/vuln/detail/CVE-2018-18312