Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.4
CVSSv2

CVE-2020-10543

Published: 05/06/2020 Updated: 07/11/2023
CVSS v2 Base Score: 6.4 | Impact Score: 4.9 | Exploitability Score: 10
CVSS v3 Base Score: 8.2 | Impact Score: 4.2 | Exploitability Score: 3.9
VMScore: 570
Vector: AV:N/AC:L/Au:N/C:N/I:P/A:P
Subscribe to Perl

Vulnerability Summary

Perl prior to 5.30.3 on 32-bit platforms allows a heap-based buffer overflow because nested regular expression quantifiers have an integer overflow.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

perl perl

fedoraproject fedora 31

opensuse leap 15.1

oracle communications eagle lnp application processor 10.1

oracle communications eagle lnp application processor 10.2

oracle sd-wan edge 9.0

oracle sd-wan edge 8.2

oracle enterprise manager base platform 13.4.0.0

oracle communications billing and revenue management 12.0.0.3.0

oracle communications offline mediation controller 12.0.0.3.0

oracle communications billing and revenue management 12.0.0.2.0

oracle communications diameter signaling router

oracle communications pricing design center 12.0.0.3.0

oracle tekelec platform distribution

oracle communications eagle lnp application processor 46.7

oracle communications eagle lnp application processor 46.8

oracle communications eagle lnp application processor 46.9

oracle communications lsms

oracle configuration manager 12.1.2.0.8

oracle sd-wan edge 9.1

oracle communications eagle application processor

oracle communications performance intelligence center

Vendor Advisories

Red Hat: Moderate: Red Hat Advanced Cluster Management 2.1.3 security and bug fix update
Synopsis Moderate: Red Hat Advanced Cluster Management 213 security and bug fix update Type/Severity Security Advisory: Moderate Topic Red Hat Advanced Cluster Management for Kubernetes 213 General Availabilityrelease images, which fix several bugs and security issues Red Hat Product Security has rated ...
Red Hat: Moderate: perl security update
Synopsis Moderate: perl security update Type/Severity Security Advisory: Moderate Topic An update for perl is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) base score, which gi ...
Debian CVElist Bug Report Logs: perl: regexp security issues: CVE-2020-10543, CVE-2020-10878, CVE-2020-12723
Debian Bug report logs - #962005 perl: regexp security issues: CVE-2020-10543, CVE-2020-10878, CVE-2020-12723 Package: src:perl; Maintainer for src:perl is Niko Tyni <ntyni@debianorg>; Reported by: Dominic Hargreaves <dom@earthli> Date: Mon, 1 Jun 2020 21:15:02 UTC Severity: important Tags: security Found in vers ...
Amazon Linux 2: ALAS2-2021-1610
Perl before 5303 on 32-bit platforms allows a heap-based buffer overflow because nested regular expression quantifiers have an integer overflow (CVE-2020-10543) Perl before 5303 has an integer overflow related to mishandling of a "PL_regkind[OP(n)] == NOTHING" situation A crafted regular expression could lead to malformed bytecode with a poss ...

ICS Advisories

https://ics-cert.us-cert.gov/advisories/fd87a3fc00e025fdc5034360097d2bdf
Critical Infrastructure Sectors: Critical Manufacturing

Github Repositories

https://github.com/pbavinck/CICD_CloudBuild_01

2 Google Cloud Build demos using Cloud Run, Cloud Run on Anthos, Vulnarability Scanning and Binary Authorization.

Introduction This repository takes you through 2 demos: Simple Cloud Build pipeline to deploy to managed Google Cloud Run More advanced pipeline (testing, vulnarability scanning, Binary Authorization) to deploy to Cloud Run on Anthos / GKE Please note that the content of this repository is not an officially supported Google product It does however use officially supported Go

References

CWE-787CWE-190https://github.com/Perl/perl5/compare/v5.30.2...v5.30.3https://github.com/perl/perl5/commit/897d1f7fd515b828e4b198d8b8bef76c6faf03edhttps://github.com/Perl/perl5/blob/blead/pod/perl5303delta.podhttps://security.netapp.com/advisory/ntap-20200611-0001/https://security.gentoo.org/glsa/202006-03http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00044.htmlhttps://www.oracle.com/security-alerts/cpuoct2020.htmlhttps://www.oracle.com/security-alerts/cpujan2021.htmlhttps://www.oracle.com/security-alerts/cpuApr2021.htmlhttps://www.oracle.com//security-alerts/cpujul2021.htmlhttps://www.oracle.com/security-alerts/cpuoct2021.htmlhttps://www.oracle.com/security-alerts/cpujan2022.htmlhttps://www.oracle.com/security-alerts/cpuapr2022.htmlhttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IN3TTBO5KSGWE5IRIKDJ5JSQRH7ANNXE/https://access.redhat.com/errata/RHSA-2021:0607https://nvd.nist.govhttps://github.com/pbavinck/CICD_CloudBuild_01https://www.cisa.gov/news-events/ics-advisories/icsa-23-348-10https://alas.aws.amazon.com/AL2/ALAS-2021-1610.html
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-28254CVE-2024-32515CVE-2024-21338validationCVE-2024-32522dosCVE-2024-2101CVE-2024-21107elevation of privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook