CVE-2020-10878
05.06.2020, 14:15
Perl before 5.30.3 has an integer overflow related to mishandling of a "PL_regkind[OP(n)] == NOTHING" situation. A crafted regular expression could lead to malformed bytecode with a possibility of instruction injection.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| perl | perl | 𝑥 < 5.30.3 |
| opensuse | leap | 15.1 |
| netapp | oncommand_workflow_automation | - |
| netapp | snap_creator_framework | - |
| oracle | communications_billing_and_revenue_management | 12.0.0.2.0 |
| oracle | communications_billing_and_revenue_management | 12.0.0.3.0 |
| oracle | communications_diameter_signaling_router | 8.0.0 ≤ 𝑥 ≤ 8.5.0 |
| oracle | communications_eagle_application_processor | 16.1.0 ≤ 𝑥 ≤ 16.4.0 |
| oracle | communications_eagle_lnp_application_processor | 10.1 |
| oracle | communications_eagle_lnp_application_processor | 10.2 |
| oracle | communications_eagle_lnp_application_processor | 46.7 |
| oracle | communications_eagle_lnp_application_processor | 46.8 |
| oracle | communications_eagle_lnp_application_processor | 46.9 |
| oracle | communications_lsms | 13.1 ≤ 𝑥 ≤ 13.4 |
| oracle | communications_offline_mediation_controller | 12.0.0.3.0 |
| oracle | communications_performance_intelligence_center | 10.3.0.0.0 ≤ 𝑥 ≤ 10.3.0.2.1 |
| oracle | communications_performance_intelligence_center | 10.4.0.1.0 ≤ 𝑥 ≤ 10.4.0.3.1 |
| oracle | communications_pricing_design_center | 12.0.0.3.0 |
| oracle | configuration_manager | 12.1.2.0.8 |
| oracle | enterprise_manager_base_platform | 13.4.0.0 |
| oracle | sd-wan_aware | 8.2 |
| oracle | sd-wan_aware | 9.0 |
| oracle | sd-wan_aware | 9.1 |
| oracle | tekelec_platform_distribution | 7.4.0 ≤ 𝑥 ≤ 7.7.1 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
openSUSE / SLES Releases
openSUSE Product | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| perl |
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| perl-32bit |
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| perl-base |
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| perl-base-32bit |
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| perl-core-DB_File |
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| perl-doc |
|
Red Hat Enterprise Linux Releases
Red Hat Product | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| perl |
| ||||||||||||
| perl-Attribute-Handlers |
| ||||||||||||
| perl-CPAN |
| ||||||||||||
| perl-Devel-Peek |
| ||||||||||||
| perl-Devel-SelfStubber |
| ||||||||||||
| perl-Errno |
| ||||||||||||
| perl-ExtUtils-CBuilder |
| ||||||||||||
| perl-ExtUtils-Embed |
| ||||||||||||
| perl-ExtUtils-Install |
| ||||||||||||
| perl-ExtUtils-Miniperl |
| ||||||||||||
| perl-IO |
| ||||||||||||
| perl-IO-Zlib |
| ||||||||||||
| perl-Locale-Maketext-Simple |
| ||||||||||||
| perl-Math-Complex |
| ||||||||||||
| perl-Memoize |
| ||||||||||||
| perl-Module-CoreList |
| ||||||||||||
| perl-Module-Loaded |
| ||||||||||||
| perl-Net-Ping |
| ||||||||||||
| perl-Object-Accessor |
| ||||||||||||
| perl-Package-Constants |
| ||||||||||||
| perl-Pod-Escapes |
| ||||||||||||
| perl-Pod-Html |
| ||||||||||||
| perl-SelfLoader |
| ||||||||||||
| perl-Test |
| ||||||||||||
| perl-Time-Piece |
| ||||||||||||
| perl-core |
| ||||||||||||
| perl-devel |
| ||||||||||||
| perl-interpreter |
| ||||||||||||
| perl-libnetcfg |
| ||||||||||||
| perl-libs |
| ||||||||||||
| perl-macros |
| ||||||||||||
| perl-open |
| ||||||||||||
| perl-tests |
| ||||||||||||
| perl-utils |
|
References