CVE-2020-10543

🗓️ 05 Jun 2020 13:17:49Reported by mitreType

cve🔗 web.nvd.nist.gov📰️ 5 Media mentions👁 357 Views

Perl 5.30.3 32-bit platform heap-based buffer overflow due to integer overflow in nested regex quantifiers

Reporter	Title	Published	Views	Family All 172
IBM Security Bulletins	Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to multiple Base OS issues	1 Dec 202316:06	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Security Guardium is affected by multiple vulnerabilities	26 Mar 202504:05	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in Perl affect AIX (CVE-2020-10543, CVE-2020-10878, and CVE-2020-12723)	4 Mar 202117:37	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to multiple Operator package issues	30 Nov 202318:45	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerability in Perl affects IBM watsonx.data	18 Sep 202416:58	–	ibm
IBM Security Bulletins	Security Bulletin: Cloud Pak for Security contains security vulnerabilities	13 May 202121:45	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to multiple vulnerabilities in Perl	11 Jul 202313:31	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a heap-based buffer overflow in Perl (CVE-2020-10543).	12 Jan 202321:59	–	ibm
IBM Security Bulletins	Security Bulletin: Cloud Pak for Security uses packages that are vulnerable to several CVEs	19 Oct 202115:38	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a heap-based buffer overflow in Perl (CVE-2020-10543)	25 May 202316:58	–	ibm

NVD

Node

perl perlRange<5.30.3x86

Node

fedoraproject fedoraMatch31

Node

opensuse leapMatch15.1

Node

oracle communications_billing_and_revenue_managementMatch12.0.0.2.0

oracle communications_billing_and_revenue_managementMatch12.0.0.3.0

oracle communications_diameter_signaling_routerRange8.0.0–8.5.0

oracle communications_eagle_application_processorRange16.1.0–16.4.0

oracle communications_eagle_lnp_application_processorMatch10.1

oracle communications_eagle_lnp_application_processorMatch10.2

oracle communications_eagle_lnp_application_processorMatch46.7

oracle communications_eagle_lnp_application_processorMatch46.8

oracle communications_eagle_lnp_application_processorMatch46.9

oracle communications_lsmsRange13.1–13.4

oracle communications_offline_mediation_controllerMatch12.0.0.3.0

oracle communications_performance_intelligence_centerRange10.3.0.0.0–10.3.0.2.1

oracle communications_performance_intelligence_centerRange10.4.0.1.0–10.4.0.3.1

oracle communications_pricing_design_centerMatch12.0.0.3.0

oracle configuration_managerMatch12.1.2.0.8

oracle enterprise_manager_base_platformMatch13.4.0.0

oracle sd-wan_edgeMatch8.2

oracle sd-wan_edgeMatch9.0

oracle sd-wan_edgeMatch9.1

oracle tekelec_platform_distributionRange7.4.0–7.7.1

Source	Link
lists	www.lists.opensuse.org/opensuse-security-announce/2020-06/msg00044.html
lists	www.lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IN3TTBO5KSGWE5IRIKDJ5JSQRH7ANNXE/
security	www.security.netapp.com/advisory/ntap-20200611-0001/
oracle	www.oracle.com/security-alerts/cpujan2021.html
oracle	www.oracle.com//security-alerts/cpujul2021.html
oracle	www.oracle.com/security-alerts/cpuapr2022.html
github	www.github.com/perl/perl5/commit/897d1f7fd515b828e4b198d8b8bef76c6faf03ed
oracle	www.oracle.com/security-alerts/cpuApr2021.html
github	www.github.com/Perl/perl5/compare/v5.30.2...v5.30.3
oracle	www.oracle.com/security-alerts/cpuoct2020.html

21 Nov 2024 04:55Current

8.7High risk

Vulners AI Score8.7

CVSS 26.4

CVSS 3.18.2

EPSS0.04289