An issue was discovered in Perl 5.22 through 5.26. Matching a crafted locale dependent regular expression can cause a heap-based buffer over-read and potentially information disclosure.
https://access.redhat.com/errata/RHSA-2018:1192
https://security.gentoo.org/glsa/201909-01
https://usn.ubuntu.com/3625-1/
https://www.debian.org/security/2018/dsa-4172