CVE-2020-10543

Perl before 5.30.3 on 32-bit platforms allows a heap-based buffer overflow because nested regular expression quantifiers have an integer overflow.
References
Link Resource
http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00044.html Mailing List Third Party Advisory
https://github.com/Perl/perl5/blob/blead/pod/perl5303delta.pod Third Party Advisory
https://github.com/Perl/perl5/compare/v5.30.2...v5.30.3 Third Party Advisory
https://github.com/perl/perl5/commit/897d1f7fd515b828e4b198d8b8bef76c6faf03ed Patch Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IN3TTBO5KSGWE5IRIKDJ5JSQRH7ANNXE/
https://security.gentoo.org/glsa/202006-03 Third Party Advisory
https://security.netapp.com/advisory/ntap-20200611-0001/ Third Party Advisory
https://www.oracle.com//security-alerts/cpujul2021.html Patch Third Party Advisory
https://www.oracle.com/security-alerts/cpuApr2021.html Patch Third Party Advisory
https://www.oracle.com/security-alerts/cpuapr2022.html Patch Third Party Advisory
https://www.oracle.com/security-alerts/cpujan2021.html Patch Third Party Advisory
https://www.oracle.com/security-alerts/cpujan2022.html Patch Third Party Advisory
https://www.oracle.com/security-alerts/cpuoct2020.html Patch Third Party Advisory
https://www.oracle.com/security-alerts/cpuoct2021.html Patch Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00044.html Mailing List Third Party Advisory
https://github.com/Perl/perl5/blob/blead/pod/perl5303delta.pod Third Party Advisory
https://github.com/Perl/perl5/compare/v5.30.2...v5.30.3 Third Party Advisory
https://github.com/perl/perl5/commit/897d1f7fd515b828e4b198d8b8bef76c6faf03ed Patch Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IN3TTBO5KSGWE5IRIKDJ5JSQRH7ANNXE/
https://security.gentoo.org/glsa/202006-03 Third Party Advisory
https://security.netapp.com/advisory/ntap-20200611-0001/ Third Party Advisory
https://www.oracle.com//security-alerts/cpujul2021.html Patch Third Party Advisory
https://www.oracle.com/security-alerts/cpuApr2021.html Patch Third Party Advisory
https://www.oracle.com/security-alerts/cpuapr2022.html Patch Third Party Advisory
https://www.oracle.com/security-alerts/cpujan2021.html Patch Third Party Advisory
https://www.oracle.com/security-alerts/cpujan2022.html Patch Third Party Advisory
https://www.oracle.com/security-alerts/cpuoct2020.html Patch Third Party Advisory
https://www.oracle.com/security-alerts/cpuoct2021.html Patch Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:perl:perl:*:*:*:*:*:*:x86:*

Configuration 2 (hide)

cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*

Configuration 3 (hide)

cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*

Configuration 4 (hide)

OR cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.2.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.3.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_diameter_signaling_router:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_eagle_application_processor:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_eagle_lnp_application_processor:10.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_eagle_lnp_application_processor:10.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_eagle_lnp_application_processor:46.7:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_eagle_lnp_application_processor:46.8:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_eagle_lnp_application_processor:46.9:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_lsms:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_offline_mediation_controller:12.0.0.3.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_performance_intelligence_center:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_performance_intelligence_center:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_pricing_design_center:12.0.0.3.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:configuration_manager:12.1.2.0.8:*:*:*:*:*:*:*
cpe:2.3:a:oracle:enterprise_manager_base_platform:13.4.0.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:sd-wan_edge:8.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:sd-wan_edge:9.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:sd-wan_edge:9.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:tekelec_platform_distribution:*:*:*:*:*:*:*:*

History

21 Nov 2024, 04:55

Type Values Removed Values Added
References () http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00044.html - Mailing List, Third Party Advisory () http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00044.html - Mailing List, Third Party Advisory
References () https://github.com/Perl/perl5/blob/blead/pod/perl5303delta.pod - Third Party Advisory () https://github.com/Perl/perl5/blob/blead/pod/perl5303delta.pod - Third Party Advisory
References () https://github.com/Perl/perl5/compare/v5.30.2...v5.30.3 - Third Party Advisory () https://github.com/Perl/perl5/compare/v5.30.2...v5.30.3 - Third Party Advisory
References () https://github.com/perl/perl5/commit/897d1f7fd515b828e4b198d8b8bef76c6faf03ed - Patch, Third Party Advisory () https://github.com/perl/perl5/commit/897d1f7fd515b828e4b198d8b8bef76c6faf03ed - Patch, Third Party Advisory
References () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IN3TTBO5KSGWE5IRIKDJ5JSQRH7ANNXE/ - () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IN3TTBO5KSGWE5IRIKDJ5JSQRH7ANNXE/ -
References () https://security.gentoo.org/glsa/202006-03 - Third Party Advisory () https://security.gentoo.org/glsa/202006-03 - Third Party Advisory
References () https://security.netapp.com/advisory/ntap-20200611-0001/ - Third Party Advisory () https://security.netapp.com/advisory/ntap-20200611-0001/ - Third Party Advisory
References () https://www.oracle.com//security-alerts/cpujul2021.html - Patch, Third Party Advisory () https://www.oracle.com//security-alerts/cpujul2021.html - Patch, Third Party Advisory
References () https://www.oracle.com/security-alerts/cpuApr2021.html - Patch, Third Party Advisory () https://www.oracle.com/security-alerts/cpuApr2021.html - Patch, Third Party Advisory
References () https://www.oracle.com/security-alerts/cpuapr2022.html - Patch, Third Party Advisory () https://www.oracle.com/security-alerts/cpuapr2022.html - Patch, Third Party Advisory
References () https://www.oracle.com/security-alerts/cpujan2021.html - Patch, Third Party Advisory () https://www.oracle.com/security-alerts/cpujan2021.html - Patch, Third Party Advisory
References () https://www.oracle.com/security-alerts/cpujan2022.html - Patch, Third Party Advisory () https://www.oracle.com/security-alerts/cpujan2022.html - Patch, Third Party Advisory
References () https://www.oracle.com/security-alerts/cpuoct2020.html - Patch, Third Party Advisory () https://www.oracle.com/security-alerts/cpuoct2020.html - Patch, Third Party Advisory
References () https://www.oracle.com/security-alerts/cpuoct2021.html - Patch, Third Party Advisory () https://www.oracle.com/security-alerts/cpuoct2021.html - Patch, Third Party Advisory

07 Nov 2023, 03:14

Type Values Removed Values Added
References
  • {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IN3TTBO5KSGWE5IRIKDJ5JSQRH7ANNXE/', 'name': 'FEDORA-2020-fd73c08076', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'FEDORA'}
  • () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IN3TTBO5KSGWE5IRIKDJ5JSQRH7ANNXE/ -

Information

Published : 2020-06-05 14:15

Updated : 2024-11-21 04:55


NVD link : CVE-2020-10543

Mitre link : CVE-2020-10543

CVE.ORG link : CVE-2020-10543


JSON object : View

Products Affected

oracle

  • tekelec_platform_distribution
  • communications_lsms
  • sd-wan_edge
  • communications_offline_mediation_controller
  • communications_diameter_signaling_router
  • enterprise_manager_base_platform
  • communications_pricing_design_center
  • communications_performance_intelligence_center
  • configuration_manager
  • communications_eagle_application_processor
  • communications_eagle_lnp_application_processor
  • communications_billing_and_revenue_management

opensuse

  • leap

perl

  • perl

fedoraproject

  • fedora
CWE
CWE-190

Integer Overflow or Wraparound

CWE-787

Out-of-bounds Write