Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2020-16156
HistoryDec 13, 2021 - 6:15 p.m.

CVE-2020-16156

2021-12-1318:15:07
CWE-347
[email protected]
web.nvd.nist.gov
4
cpan 2.28
signature verification
vulnerability
cve-2020-16156

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

0.002

Percentile

56.4%

JSON

CPAN 2.28 allows Signature Verification Bypass.

Affected configurations

Nvd
Node
perlcomprehensive_perl_archive_networkMatch2.28-perl
OR
perlcomprehensive_perl_archive_networkMatch2.28trialperl
Node
fedoraprojectfedoraMatch34
OR
fedoraprojectfedoraMatch35
VendorProductVersionCPE
perlcomprehensive_perl_archive_network2.28cpe:2.3:a:perl:comprehensive_perl_archive_network:2.28:-:*:*:*:perl:*:*
perlcomprehensive_perl_archive_network2.28cpe:2.3:a:perl:comprehensive_perl_archive_network:2.28:trial:*:*:*:perl:*:*
fedoraprojectfedora34cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*
fedoraprojectfedora35cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*

Related

openvas 10
cloudfoundry 1
ubuntu 2
cvelist 1
cve 1
nessus 11
mageia 1
prion 1
cnvd 1
redhatcve 1
fedora 2
ubuntucve 1
cloudlinux 1
osv 1
debiancve 1
oracle 1
avleonov 1
openvas
openvas
Fedora: Security Advisory for perl-CPAN (FEDORA-2022-84fd87f7eb)
2022-01-12 00:00:00
Huawei EulerOS: Security Advisory for perl-CPAN (EulerOS-SA-2022-1358)
2022-03-29 00:00:00
Mageia: Security Advisory (MGASA-2022-0018)
2022-01-28 00:00:00
cloudfoundry
cloudfoundry
USN-5689-1: Perl vulnerability | Cloud Foundry
2022-12-07 00:00:00
ubuntu
ubuntu
Perl vulnerability
2022-11-28 00:00:00
Perl vulnerability
2022-10-19 00:00:00
cvelist
cvelist
CVE-2020-16156
2021-12-13 17:03:00
cve
cve
CVE-2020-16156
2021-12-13 18:15:07
nessus
nessus
EulerOS Virtualization 3.0.6.6 : perl (EulerOS-SA-2023-2432)
2023-07-26 00:00:00
Ubuntu 22.10 : Perl vulnerability (USN-5689-2)
2022-11-28 00:00:00
EulerOS Virtualization 3.0.6.0 : perl-CPAN (EulerOS-SA-2022-2581)
2022-10-10 00:00:00
mageia
mageia
Updated perl-CPAN packages fix security vulnerability
2022-01-15 11:09:56
prion
prion
Security feature bypass
2021-12-13 18:15:00
cnvd
cnvd
cpanminus data forgery issue vulnerability
2021-12-15 00:00:00
redhatcve
redhatcve
CVE-2020-16156
2021-12-23 13:21:12
fedora
fedora
[SECURITY] Fedora 35 Update: perl-CPAN-2.29-1.fc35
2022-01-12 01:24:09
[SECURITY] Fedora 34 Update: perl-CPAN-2.29-1.fc34
2022-01-12 01:16:24
ubuntucve
ubuntucve
CVE-2020-16156
2021-12-13 00:00:00
cloudlinux
cloudlinux
perl: Fix of CVE-2020-16156
2022-11-10 22:47:14
osv
osv
perl vulnerability
2022-10-19 11:10:27
debiancve
debiancve
CVE-2020-16156
2021-12-13 18:15:07
oracle
oracle
Oracle Critical Patch Update Advisory - January 2023
2023-01-17 00:00:00
avleonov
avleonov
Scanvus now supports Vulners and Vulns.io VM Linux vulnerability detection APIs
2022-12-30 18:03:13

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

0.002

Percentile

56.4%

JSON
Related for NVD:CVE-2020-16156
openvas10cloudfoundry1ubuntu2cvelist1cve1nessus11mageia1prion1cnvd1redhatcve1fedora2ubuntucve1cloudlinux1osv1debiancve1oracle1avleonov1