CVE-2020-10878
- Source
- https://cve.org/CVERecord?id=CVE-2020-10878
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-10878.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2020-10878
- Downstream
- Related
- Published
- 2020-06-05T14:15:10.527Z
- Modified
- 2026-05-15T12:03:54.738170980Z
- Severity
-
- 8.6 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H CVSS Calculator
- Summary
- [none]
- Details
-
Perl before 5.30.3 has an integer overflow related to mishandling of a "PL_regkind[OP(n)] == NOTHING" situation. A crafted regular expression could lead to malformed bytecode with a possibility of instruction injection.
- Database specific
{ "unresolved_ranges": [ { "source": "CPE_FIELD", "cpes": [ "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*" ], "vendor_product": "fedoraproject:fedora", "extracted_events": [ { "last_affected": "31" } ] }, { "source": "CPE_FIELD", "cpes": [ "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*" ], "vendor_product": "opensuse:leap", "extracted_events": [ { "last_affected": "15.1" } ] }, { "source": "CPE_FIELD", "cpes": [ "cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.3.0:*:*:*:*:*:*:*" ], "vendor_product": "oracle:communications_billing_and_revenue_management", "extracted_events": [ { "last_affected": "12.0.0.2.0" }, { "last_affected": "12.0.0.3.0" } ] }, { "source": "CPE_FIELD", "cpes": [ "cpe:2.3:a:oracle:communications_diameter_signaling_router:*:*:*:*:*:*:*:*" ], "vendor_product": "oracle:communications_diameter_signaling_router", "extracted_events": [ { "introduced": "8.0.0" }, { "last_affected": "8.5.0" } ] }, { "source": "CPE_FIELD", "cpes": [ "cpe:2.3:a:oracle:communications_eagle_application_processor:*:*:*:*:*:*:*:*" ], "vendor_product": "oracle:communications_eagle_application_processor", "extracted_events": [ { "introduced": "16.1.0" }, { "last_affected": "16.4.0" } ] }, { "source": "CPE_FIELD", "cpes": [ "cpe:2.3:a:oracle:communications_eagle_lnp_application_processor:10.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_eagle_lnp_application_processor:10.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_eagle_lnp_application_processor:46.7:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_eagle_lnp_application_processor:46.8:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_eagle_lnp_application_processor:46.9:*:*:*:*:*:*:*" ], "vendor_product": "oracle:communications_eagle_lnp_application_processor", "extracted_events": [ { "last_affected": "10.1" }, { "last_affected": "10.2" }, { "last_affected": "46.7" }, { "last_affected": "46.8" }, { "last_affected": "46.9" } ] }, { "source": "CPE_FIELD", "cpes": [ "cpe:2.3:a:oracle:communications_lsms:*:*:*:*:*:*:*:*" ], "vendor_product": "oracle:communications_lsms", "extracted_events": [ { "introduced": "13.1" }, { "last_affected": "13.4" } ] }, { "source": "CPE_FIELD", "cpes": [ "cpe:2.3:a:oracle:communications_offline_mediation_controller:12.0.0.3.0:*:*:*:*:*:*:*" ], "vendor_product": "oracle:communications_offline_mediation_controller", "extracted_events": [ { "last_affected": "12.0.0.3.0" } ] }, { "source": "CPE_FIELD", "cpes": [ "cpe:2.3:a:oracle:communications_performance_intelligence_center:*:*:*:*:*:*:*:*" ], "vendor_product": "oracle:communications_performance_intelligence_center", "extracted_events": [ { "introduced": "10.3.0.0.0" }, { "last_affected": "10.3.0.2.1" }, { "introduced": "10.4.0.1.0" }, { "last_affected": "10.4.0.3.1" } ] }, { "source": "CPE_FIELD", "cpes": [ "cpe:2.3:a:oracle:communications_pricing_design_center:12.0.0.3.0:*:*:*:*:*:*:*" ], "vendor_product": "oracle:communications_pricing_design_center", "extracted_events": [ { "last_affected": "12.0.0.3.0" } ] }, { "source": "CPE_FIELD", "cpes": [ "cpe:2.3:a:oracle:configuration_manager:12.1.2.0.8:*:*:*:*:*:*:*" ], "vendor_product": "oracle:configuration_manager", "extracted_events": [ { "last_affected": "12.1.2.0.8" } ] }, { "source": "CPE_FIELD", "cpes": [ "cpe:2.3:a:oracle:enterprise_manager_base_platform:13.4.0.0:*:*:*:*:*:*:*" ], "vendor_product": "oracle:enterprise_manager_base_platform", "extracted_events": [ { "last_affected": "13.4.0.0" } ] }, { "source": "CPE_FIELD", "cpes": [ "cpe:2.3:a:oracle:sd-wan_aware:8.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:sd-wan_aware:9.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:sd-wan_aware:9.1:*:*:*:*:*:*:*" ], "vendor_product": "oracle:sd-wan_aware", "extracted_events": [ { "last_affected": "8.2" }, { "last_affected": "9.0" }, { "last_affected": "9.1" } ] }, { "source": "CPE_FIELD", "cpes": [ "cpe:2.3:a:oracle:tekelec_platform_distribution:*:*:*:*:*:*:*:*" ], "vendor_product": "oracle:tekelec_platform_distribution", "extracted_events": [ { "introduced": "7.4.0" }, { "last_affected": "7.7.1" } ] } ] }- References
-
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IN3TTBO5KSGWE5IRIKDJ5JSQRH7ANNXE/
- http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00044.html
- https://github.com/Perl/perl5/blob/blead/pod/perl5303delta.pod
- https://security.gentoo.org/glsa/202006-03
- https://security.netapp.com/advisory/ntap-20200611-0001/
- https://github.com/Perl/perl5/compare/v5.30.2...v5.30.3
- https://github.com/perl/perl5/commit/0a320d753fe7fca03df259a4dfd8e641e51edaa8
- https://github.com/perl/perl5/commit/3295b48defa0f8570114877b063fe546dd348b3c
- https://www.oracle.com//security-alerts/cpujul2021.html
- https://www.oracle.com/security-alerts/cpuApr2021.html
- https://www.oracle.com/security-alerts/cpuapr2022.html
- https://www.oracle.com/security-alerts/cpujan2021.html
- https://www.oracle.com/security-alerts/cpujan2022.html
- https://www.oracle.com/security-alerts/cpuoct2020.html
- https://www.oracle.com/security-alerts/cpuoct2021.html