vulnerability
Alma Linux: CVE-2020-10878: Moderate: perl security and bug fix update (ALSA-2021-1678)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:L/Au:N/C:P/I:P/A:P) | Jun 5, 2020 | May 4, 2022 | May 4, 2022 |
Severity
8
CVSS
(AV:N/AC:L/Au:N/C:P/I:P/A:P)
Published
Jun 5, 2020
Added
May 4, 2022
Modified
May 4, 2022
Description
Perl before 5.30.3 has an integer overflow related to mishandling of a "PL_regkind[OP(n)] == NOTHING" situation. A crafted regular expression could lead to malformed bytecode with a possibility of instruction injection.
Solution(s)
alma-upgrade-perlalma-upgrade-perl-Attribute-Handlersalma-upgrade-perl-Devel-Peekalma-upgrade-perl-Devel-SelfStubberalma-upgrade-perl-Errnoalma-upgrade-perl-ExtUtils-Embedalma-upgrade-perl-ExtUtils-Miniperlalma-upgrade-perl-IOalma-upgrade-perl-IO-Zlibalma-upgrade-perl-Locale-Maketext-Simplealma-upgrade-perl-Math-Complexalma-upgrade-perl-Memoizealma-upgrade-perl-Module-Loadedalma-upgrade-perl-Net-Pingalma-upgrade-perl-Pod-Htmlalma-upgrade-perl-SelfLoaderalma-upgrade-perl-Testalma-upgrade-perl-Time-Piecealma-upgrade-perl-develalma-upgrade-perl-interpreteralma-upgrade-perl-libnetcfgalma-upgrade-perl-libsalma-upgrade-perl-macrosalma-upgrade-perl-openalma-upgrade-perl-testsalma-upgrade-perl-utils
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.