CVE-2020-10543

Severity

Theme

CVE-2020-10543

high

New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

Perl before 5.30.3 on 32-bit platforms allows a heap-based buffer overflow because nested regular expression quantifiers have an integer overflow.

References

https://github.com/Perl/perl5/compare/v5.30.2...v5.30.3

https://github.com/perl/perl5/commit/897d1f7fd515b828e4b198d8b8bef76c6faf03ed

https://github.com/Perl/perl5/blob/blead/pod/perl5303delta.pod

https://security.netapp.com/advisory/ntap-20200611-0001/

https://security.gentoo.org/glsa/202006-03

https://lists.fedoraproject.org/archives/list/[email protected]/message/IN3TTBO5KSGWE5IRIKDJ5JSQRH7ANNXE/

http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00044.html

https://www.oracle.com/security-alerts/cpuoct2020.html

https://www.oracle.com/security-alerts/cpujan2021.html

https://www.oracle.com/security-alerts/cpuApr2021.html

https://www.oracle.com//security-alerts/cpujul2021.html

https://www.oracle.com/security-alerts/cpuoct2021.html

Details

Source: MITRE

Published: 2020-06-05

Updated: 2021-12-03

Type: CWE-787

Risk Information

CVSS v2

Base Score: 6.4

Vector: AV:N/AC:L/Au:N/C:N/I:P/A:P

Impact Score: 4.9

Exploitability Score: 10

Severity: MEDIUM

CVSS v3

Base Score: 8.2

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H

Impact Score: 4.2

Exploitability Score: 3.9

Severity: HIGH

Vulnerable Software

ID	Name	Product	Family	Severity
154625	NewStart CGSL CORE 5.04 / MAIN 5.04 : perl Multiple Vulnerabilities (NS-SA-2021-0099)	Nessus	NewStart CGSL Local Security Checks	high
154556	NewStart CGSL MAIN 6.02 : perl Multiple Vulnerabilities (NS-SA-2021-0134)	Nessus	NewStart CGSL Local Security Checks	high
154484	NewStart CGSL CORE 5.05 / MAIN 5.05 : perl Multiple Vulnerabilities (NS-SA-2021-0184)	Nessus	NewStart CGSL Local Security Checks	high
152026	Oracle Database Server Multiple Vulnerabilities (Jul 2021 CPU)	Nessus	Databases	high
151848	RHEL 8 : perl (RHSA-2021:2792)	Nessus	Red Hat Local Security Checks	high
151395	EulerOS Virtualization 3.0.2.2 : perl (EulerOS-SA-2021-2157)	Nessus	Huawei Local Security Checks	high
149935	Oracle Linux 8 : perl (ELSA-2021-1678)	Nessus	Oracle Linux Local Security Checks	high
149822	Oracle Linux 6 : perl (ELSA-2021-9238)	Nessus	Oracle Linux Local Security Checks	high
149759	CentOS 8 : perl (CESA-2021:1678)	Nessus	CentOS Local Security Checks	high
149678	RHEL 8 : perl (RHSA-2021:1678)	Nessus	Red Hat Local Security Checks	high
148889	RHEL 7 : perl (RHSA-2021:1032)	Nessus	Red Hat Local Security Checks	high
148860	RHEL 7 : perl (RHSA-2021:1266)	Nessus	Red Hat Local Security Checks	high
148028	Photon OS 4.0: Perl PHSA-2021-4.0-0006	Nessus	PhotonOS Local Security Checks	high
147832	RHEL 7 : perl (RHSA-2021:0883)	Nessus	Red Hat Local Security Checks	high
147426	EulerOS Virtualization 2.9.1 : perl (EulerOS-SA-2021-1621)	Nessus	Huawei Local Security Checks	high
146623	Amazon Linux 2 : perl (ALAS-2021-1610)	Nessus	Amazon Linux Local Security Checks	high
146100	CentOS 7 : perl (CESA-2021:0343)	Nessus	CentOS Local Security Checks	high
146083	Oracle Linux 7 : perl (ELSA-2021-0343)	Nessus	Oracle Linux Local Security Checks	high
146072	RHEL 7 : perl (RHSA-2021:0343)	Nessus	Red Hat Local Security Checks	high
146065	Scientific Linux Security Update : perl on SL7.x i686/x86_64 (2021:0343)	Nessus	Scientific Linux Local Security Checks	high
144320	AIX 7.2 TL 3 : perl (IJ26986)	Nessus	AIX Local Security Checks	high
144314	AIX 7.1 TL 5 : perl (IJ26985)	Nessus	AIX Local Security Checks	high
142579	EulerOS Virtualization 3.0.6.6 : perl (EulerOS-SA-2020-2459)	Nessus	Huawei Local Security Checks	high
142313	EulerOS 2.0 SP2 : perl (EulerOS-SA-2020-2380)	Nessus	Huawei Local Security Checks	high
141913	Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : Perl vulnerabilities (USN-4602-1)	Nessus	Ubuntu Local Security Checks	high
140852	EulerOS 2.0 SP3 : perl (EulerOS-SA-2020-2085)	Nessus	Huawei Local Security Checks	high
140337	EulerOS Virtualization for ARM 64 3.0.2.0 : perl (EulerOS-SA-2020-1967)	Nessus	Huawei Local Security Checks	high
140164	EulerOS 2.0 SP5 : perl (EulerOS-SA-2020-1943)	Nessus	Huawei Local Security Checks	high
139997	EulerOS Virtualization for ARM 64 3.0.6.0 : perl (EulerOS-SA-2020-1894)	Nessus	Huawei Local Security Checks	high
139150	EulerOS 2.0 SP8 : perl (EulerOS-SA-2020-1820)	Nessus	Huawei Local Security Checks	high
138697	openSUSE Security Update : perl (openSUSE-2020-850)	Nessus	SuSE Local Security Checks	high
138277	SUSE SLED15 / SLES15 Security Update : perl (SUSE-SU-2020:1682-2)	Nessus	SuSE Local Security Checks	high
138276	SUSE SLED15 / SLES15 Security Update : perl (SUSE-SU-2020:1682-1)	Nessus	SuSE Local Security Checks	high
138271	SUSE SLES12 Security Update : perl (SUSE-SU-2020:1662-1)	Nessus	SuSE Local Security Checks	high
137784	Photon OS 3.0: Perl PHSA-2020-3.0-0104	Nessus	PhotonOS Local Security Checks	high
137719	Photon OS 2.0: Perl PHSA-2020-2.0-0254	Nessus	PhotonOS Local Security Checks	high
137641	Photon OS 1.0: Perl PHSA-2020-1.0-0301	Nessus	PhotonOS Local Security Checks	high
137437	Fedora 31 : 4:perl (2020-fd73c08076)	Nessus	Fedora Local Security Checks	high
137383	GLSA-202006-03 : Perl: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	high
137157	Fedora 32 : 4:perl (2020-4021bf2ae8)	Nessus	Fedora Local Security Checks	high

CVE-2020-10543

high

New! CVE Severity Now Using CVSS v3

Description

References

Details

Risk Information

CVSS v2

CVSS v3

Vulnerable Software

Configuration 1

Configuration 2

Configuration 3

Configuration 4

Tenable Plugins

high

high

high

high

high

high

high

high

high

high

high

high

high

high

high

high

high

high

high

high

high

high

high

high

high

high

high

high

high

high

high

high

high

high

high

high

high

high

high

high