vulnerability
CentOS Linux: CVE-2020-10878: Moderate: perl security update (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:L/Au:N/C:P/I:P/A:P) | 2020-06-05 | 2021-02-04 | 2023-05-25 |
Severity
8
CVSS
(AV:N/AC:L/Au:N/C:P/I:P/A:P)
Published
2020-06-05
Added
2021-02-04
Modified
2023-05-25
Description
Perl before 5.30.3 has an integer overflow related to mishandling of a "PL_regkind[OP(n)] == NOTHING" situation. A crafted regular expression could lead to malformed bytecode with a possibility of instruction injection.
Solution(s)
centos-upgrade-perlcentos-upgrade-perl-attribute-handlerscentos-upgrade-perl-corecentos-upgrade-perl-cpancentos-upgrade-perl-debuginfocentos-upgrade-perl-debugsourcecentos-upgrade-perl-develcentos-upgrade-perl-devel-peekcentos-upgrade-perl-devel-peek-debuginfocentos-upgrade-perl-devel-selfstubbercentos-upgrade-perl-errnocentos-upgrade-perl-extutils-cbuildercentos-upgrade-perl-extutils-embedcentos-upgrade-perl-extutils-installcentos-upgrade-perl-extutils-miniperlcentos-upgrade-perl-interpretercentos-upgrade-perl-interpreter-debuginfocentos-upgrade-perl-iocentos-upgrade-perl-io-debuginfocentos-upgrade-perl-io-zlibcentos-upgrade-perl-libnetcfgcentos-upgrade-perl-libscentos-upgrade-perl-libs-debuginfocentos-upgrade-perl-locale-maketext-simplecentos-upgrade-perl-macroscentos-upgrade-perl-math-complexcentos-upgrade-perl-memoizecentos-upgrade-perl-module-corelistcentos-upgrade-perl-module-loadedcentos-upgrade-perl-net-pingcentos-upgrade-perl-object-accessorcentos-upgrade-perl-opencentos-upgrade-perl-package-constantscentos-upgrade-perl-pod-escapescentos-upgrade-perl-pod-htmlcentos-upgrade-perl-selfloadercentos-upgrade-perl-testcentos-upgrade-perl-testscentos-upgrade-perl-time-piececentos-upgrade-perl-time-piece-debuginfocentos-upgrade-perl-utils
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.