ID

VAR-202006-1806


CVE

CVE-2020-12723


TITLE

Red Hat Security Advisory 2021-0779-01

Trust: 0.1

sources: PACKETSTORM: 161726

DESCRIPTION

regcomp.c in Perl before 5.30.3 allows a buffer overflow via a crafted regular expression because of recursive S_study_chunk calls. A security vulnerability exists in the regcomp.c file in versions prior to Perl 5.30.3. * Improved analytics collection to collect the playbook status for all hosts in a playbook run 3. ========================================================================= Ubuntu Security Notice USN-4602-2 October 27, 2020 perl vulnerabilities ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 14.04 ESM - Ubuntu 12.04 ESM Summary: Several security issues were fixed in Perl. Software Description: - perl: Practical Extraction and Report Language Details: USN-4602-1 fixed several vulnerabilities in Perl. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: ManhND discovered that Perl incorrectly handled certain regular expressions. In environments where untrusted regular expressions are evaluated, a remote attacker could possibly use this issue to cause Perl to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2020-10543) Hugo van der Sanden and Slaven Rezic discovered that Perl incorrectly handled certain regular expressions. In environments where untrusted regular expressions are evaluated, a remote attacker could possibly use this issue to cause Perl to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2020-10878) Sergey Aleynikov discovered that Perl incorrectly handled certain regular expressions. In environments where untrusted regular expressions are evaluated, a remote attacker could possibly use this issue to cause Perl to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2020-12723) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 14.04 ESM: perl 5.18.2-2ubuntu1.7+esm3 Ubuntu 12.04 ESM: perl 5.14.2-6ubuntu2.11 In general, a standard system update will make all the necessary changes. Description: Security Fix(es): * Addressed a security issue which can allow a malicious playbook author to elevate to the awx user from outside the isolated environment: CVE-2021-20253 * Upgraded to a more recent version of Django to address CVE-2021-3281. * Upgraded to a more recent version of autobahn to address CVE-2020-35678. For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Upgraded to the latest oVirt inventory plugin to resolve a number of inventory syncing issues that can occur on RHEL7. * Upgraded to the latest theforeman.foreman inventory plugin to resolve a few bugs and performance regressions. * Fixed several issues related to how Tower rotates its log files. * Fixed a bug which can prevent Tower from installing on RHEL8 with certain non-en_US.UTF-8 locales. * Fixed a bug which can cause unanticipated delays in certain playbook output. * Fixed a bug which can cause job runs to fail for playbooks that print certain types of raw binary data. * Fixed a bug which can cause unnecessary records in the Activity Stream when Automation Analytics data is collected. * Fixed a bug which can cause Tower PostgreSQL backups to fail when a non-default PostgreSQL username is specified. * Fixed a bug which can intermittently cause access to encrypted Tower settings to fail, resulting in failed job launches. * Fixed a bug which can cause certain long-running jobs running on isolated nodes to unexpectedly fail. Solution: For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/ index.html 4. Bugs fixed (https://bugzilla.redhat.com/): 1911314 - CVE-2020-35678 python-autobahn: allows redirect header injection 1919969 - CVE-2021-3281 django: Potential directory-traversal via archive.extract() 1928847 - CVE-2021-20253 ansible-tower: Privilege escalation via job isolation escape 5. Description: Red Hat 3scale API Management delivers centralized API management features through a distributed, cloud-hosted layer. It includes built-in features to help in building a more successful API program, including access control, rate limits, payment gateway integration, and developer experience tools. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. Bugs fixed (https://bugzilla.redhat.com/): 1804533 - CVE-2020-9283 golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows for panic 1853652 - CVE-2020-14040 golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash 5. 7.4) - noarch, x86_64 3. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: perl security update Advisory ID: RHSA-2021:0883-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:0883 Issue date: 2021-03-16 CVE Names: CVE-2020-10543 CVE-2020-10878 CVE-2020-12723 ==================================================================== 1. Summary: An update for perl is now available for Red Hat Enterprise Linux 7.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux ComputeNode EUS (v. 7.6) - noarch, x86_64 Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6) - x86_64 Red Hat Enterprise Linux Server EUS (v. 7.6) - noarch, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional EUS (v. 7.6) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7) - aarch64, noarch, ppc64le, s390x Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7) - aarch64, ppc64le, s390x 3. Description: Perl is a high-level programming language that is commonly used for system administration utilities and web programming. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Package List: Red Hat Enterprise Linux ComputeNode EUS (v. 7.6): Source: perl-5.16.3-294.el7_6.1.src.rpm noarch: perl-CPAN-1.9800-294.el7_6.1.noarch.rpm perl-ExtUtils-CBuilder-0.28.2.6-294.el7_6.1.noarch.rpm perl-ExtUtils-Embed-1.30-294.el7_6.1.noarch.rpm perl-ExtUtils-Install-1.58-294.el7_6.1.noarch.rpm perl-IO-Zlib-1.10-294.el7_6.1.noarch.rpm perl-Locale-Maketext-Simple-0.21-294.el7_6.1.noarch.rpm perl-Module-CoreList-2.76.02-294.el7_6.1.noarch.rpm perl-Module-Loaded-0.08-294.el7_6.1.noarch.rpm perl-Object-Accessor-0.42-294.el7_6.1.noarch.rpm perl-Package-Constants-0.02-294.el7_6.1.noarch.rpm perl-Pod-Escapes-1.04-294.el7_6.1.noarch.rpm x86_64: perl-5.16.3-294.el7_6.1.x86_64.rpm perl-Time-Piece-1.20.1-294.el7_6.1.x86_64.rpm perl-core-5.16.3-294.el7_6.1.x86_64.rpm perl-debuginfo-5.16.3-294.el7_6.1.i686.rpm perl-debuginfo-5.16.3-294.el7_6.1.x86_64.rpm perl-devel-5.16.3-294.el7_6.1.i686.rpm perl-devel-5.16.3-294.el7_6.1.x86_64.rpm perl-libs-5.16.3-294.el7_6.1.i686.rpm perl-libs-5.16.3-294.el7_6.1.x86_64.rpm perl-macros-5.16.3-294.el7_6.1.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6): x86_64: perl-debuginfo-5.16.3-294.el7_6.1.x86_64.rpm perl-tests-5.16.3-294.el7_6.1.x86_64.rpm Red Hat Enterprise Linux Server EUS (v. 7.6): Source: perl-5.16.3-294.el7_6.1.src.rpm noarch: perl-CPAN-1.9800-294.el7_6.1.noarch.rpm perl-ExtUtils-CBuilder-0.28.2.6-294.el7_6.1.noarch.rpm perl-ExtUtils-Embed-1.30-294.el7_6.1.noarch.rpm perl-ExtUtils-Install-1.58-294.el7_6.1.noarch.rpm perl-IO-Zlib-1.10-294.el7_6.1.noarch.rpm perl-Locale-Maketext-Simple-0.21-294.el7_6.1.noarch.rpm perl-Module-CoreList-2.76.02-294.el7_6.1.noarch.rpm perl-Module-Loaded-0.08-294.el7_6.1.noarch.rpm perl-Object-Accessor-0.42-294.el7_6.1.noarch.rpm perl-Package-Constants-0.02-294.el7_6.1.noarch.rpm perl-Pod-Escapes-1.04-294.el7_6.1.noarch.rpm ppc64: perl-5.16.3-294.el7_6.1.ppc64.rpm perl-Time-Piece-1.20.1-294.el7_6.1.ppc64.rpm perl-core-5.16.3-294.el7_6.1.ppc64.rpm perl-debuginfo-5.16.3-294.el7_6.1.ppc.rpm perl-debuginfo-5.16.3-294.el7_6.1.ppc64.rpm perl-devel-5.16.3-294.el7_6.1.ppc.rpm perl-devel-5.16.3-294.el7_6.1.ppc64.rpm perl-libs-5.16.3-294.el7_6.1.ppc.rpm perl-libs-5.16.3-294.el7_6.1.ppc64.rpm perl-macros-5.16.3-294.el7_6.1.ppc64.rpm ppc64le: perl-5.16.3-294.el7_6.1.ppc64le.rpm perl-Time-Piece-1.20.1-294.el7_6.1.ppc64le.rpm perl-core-5.16.3-294.el7_6.1.ppc64le.rpm perl-debuginfo-5.16.3-294.el7_6.1.ppc64le.rpm perl-devel-5.16.3-294.el7_6.1.ppc64le.rpm perl-libs-5.16.3-294.el7_6.1.ppc64le.rpm perl-macros-5.16.3-294.el7_6.1.ppc64le.rpm s390x: perl-5.16.3-294.el7_6.1.s390x.rpm perl-Time-Piece-1.20.1-294.el7_6.1.s390x.rpm perl-core-5.16.3-294.el7_6.1.s390x.rpm perl-debuginfo-5.16.3-294.el7_6.1.s390.rpm perl-debuginfo-5.16.3-294.el7_6.1.s390x.rpm perl-devel-5.16.3-294.el7_6.1.s390.rpm perl-devel-5.16.3-294.el7_6.1.s390x.rpm perl-libs-5.16.3-294.el7_6.1.s390.rpm perl-libs-5.16.3-294.el7_6.1.s390x.rpm perl-macros-5.16.3-294.el7_6.1.s390x.rpm x86_64: perl-5.16.3-294.el7_6.1.x86_64.rpm perl-Time-Piece-1.20.1-294.el7_6.1.x86_64.rpm perl-core-5.16.3-294.el7_6.1.x86_64.rpm perl-debuginfo-5.16.3-294.el7_6.1.i686.rpm perl-debuginfo-5.16.3-294.el7_6.1.x86_64.rpm perl-devel-5.16.3-294.el7_6.1.i686.rpm perl-devel-5.16.3-294.el7_6.1.x86_64.rpm perl-libs-5.16.3-294.el7_6.1.i686.rpm perl-libs-5.16.3-294.el7_6.1.x86_64.rpm perl-macros-5.16.3-294.el7_6.1.x86_64.rpm Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7): Source: perl-5.16.3-294.el7_6.1.src.rpm aarch64: perl-5.16.3-294.el7_6.1.aarch64.rpm perl-Time-Piece-1.20.1-294.el7_6.1.aarch64.rpm perl-core-5.16.3-294.el7_6.1.aarch64.rpm perl-debuginfo-5.16.3-294.el7_6.1.aarch64.rpm perl-devel-5.16.3-294.el7_6.1.aarch64.rpm perl-libs-5.16.3-294.el7_6.1.aarch64.rpm perl-macros-5.16.3-294.el7_6.1.aarch64.rpm noarch: perl-CPAN-1.9800-294.el7_6.1.noarch.rpm perl-ExtUtils-CBuilder-0.28.2.6-294.el7_6.1.noarch.rpm perl-ExtUtils-Embed-1.30-294.el7_6.1.noarch.rpm perl-ExtUtils-Install-1.58-294.el7_6.1.noarch.rpm perl-IO-Zlib-1.10-294.el7_6.1.noarch.rpm perl-Locale-Maketext-Simple-0.21-294.el7_6.1.noarch.rpm perl-Module-CoreList-2.76.02-294.el7_6.1.noarch.rpm perl-Module-Loaded-0.08-294.el7_6.1.noarch.rpm perl-Object-Accessor-0.42-294.el7_6.1.noarch.rpm perl-Package-Constants-0.02-294.el7_6.1.noarch.rpm perl-Pod-Escapes-1.04-294.el7_6.1.noarch.rpm ppc64le: perl-5.16.3-294.el7_6.1.ppc64le.rpm perl-Time-Piece-1.20.1-294.el7_6.1.ppc64le.rpm perl-core-5.16.3-294.el7_6.1.ppc64le.rpm perl-debuginfo-5.16.3-294.el7_6.1.ppc64le.rpm perl-devel-5.16.3-294.el7_6.1.ppc64le.rpm perl-libs-5.16.3-294.el7_6.1.ppc64le.rpm perl-macros-5.16.3-294.el7_6.1.ppc64le.rpm s390x: perl-5.16.3-294.el7_6.1.s390x.rpm perl-Time-Piece-1.20.1-294.el7_6.1.s390x.rpm perl-core-5.16.3-294.el7_6.1.s390x.rpm perl-debuginfo-5.16.3-294.el7_6.1.s390.rpm perl-debuginfo-5.16.3-294.el7_6.1.s390x.rpm perl-devel-5.16.3-294.el7_6.1.s390.rpm perl-devel-5.16.3-294.el7_6.1.s390x.rpm perl-libs-5.16.3-294.el7_6.1.s390.rpm perl-libs-5.16.3-294.el7_6.1.s390x.rpm perl-macros-5.16.3-294.el7_6.1.s390x.rpm Red Hat Enterprise Linux Server Optional EUS (v. 7.6): ppc64: perl-debuginfo-5.16.3-294.el7_6.1.ppc64.rpm perl-tests-5.16.3-294.el7_6.1.ppc64.rpm ppc64le: perl-debuginfo-5.16.3-294.el7_6.1.ppc64le.rpm perl-tests-5.16.3-294.el7_6.1.ppc64le.rpm s390x: perl-debuginfo-5.16.3-294.el7_6.1.s390x.rpm perl-tests-5.16.3-294.el7_6.1.s390x.rpm x86_64: perl-debuginfo-5.16.3-294.el7_6.1.x86_64.rpm perl-tests-5.16.3-294.el7_6.1.x86_64.rpm Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7): aarch64: perl-debuginfo-5.16.3-294.el7_6.1.aarch64.rpm perl-tests-5.16.3-294.el7_6.1.aarch64.rpm ppc64le: perl-debuginfo-5.16.3-294.el7_6.1.ppc64le.rpm perl-tests-5.16.3-294.el7_6.1.ppc64le.rpm s390x: perl-debuginfo-5.16.3-294.el7_6.1.s390x.rpm perl-tests-5.16.3-294.el7_6.1.s390x.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2020-10543 https://access.redhat.com/security/cve/CVE-2020-10878 https://access.redhat.com/security/cve/CVE-2020-12723 https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2021 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYFDHuNzjgjWX9erEAQhhNA/9GQIs+FbNQuFMBT9C+/U2BUo/umK4rSk4 Je72FDg879OTTVSXCEsyWVJc+rgh5tvEMaN/89LXmJdOFngSjN9FBK3LFOMONOgD mhr9atQAGvJyUv9pzuKLAxd4fPab365w5OeID7GFcpWKV+EoutUkr+imnkLk1jQ5 eEzk8RFk0s6ZaAg/bpxWDbeAM1rGk6XQ+eZ0mOZjqiP3qb8nCVhg6kWChcxQMsJs 5MGzXQduqmFViwIgRJ1BiRTjg8iOLQ8kPwh8DRYKKArIkNoFQeMpNGQurYWZ32mg pgLo2/anveDKgr5AhphpNC/UveyFlVc7FrvSyB4pzf11h2EJ1eXcts56fXgmOYRX UOSFI0tzFlM+TrGicY9QpVlWZaO6TFdOAog2eZjUB5iFrK+Zha//vsqXlsceFBjw j/DHO3oeV1RP353Ukg2fi4Jusrw94wfPJd++q5PiS/gI2q5MsvN4gBE7pR/jgI9I 95p20J86uiuvYHp12nMvtOYXaTGB1VZOYjEeofRnWFMR1LstC7z1KKldUS6Mxrxq A1kGH2yGx1qwrVfS9D0NeqrTrO/Tht01K0O5S13iidHm+Jg/Gv7xqvU0Ph3KVFiZ 0LTEUZ09XX5/pCzbawmb0Tyy86M97o7RIvJVdqWQXR1GNP6KrFYjDmMuAVNAc3iZ rPmCgN8s+cI=aYxA -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce

Trust: 1.8

sources: NVD: CVE-2020-12723 // VULHUB: VHN-165430 // VULMON: CVE-2020-12723 // PACKETSTORM: 161726 // PACKETSTORM: 159726 // PACKETSTORM: 161727 // PACKETSTORM: 161728 // PACKETSTORM: 162130 // PACKETSTORM: 162245 // PACKETSTORM: 159707 // PACKETSTORM: 161843

AFFECTED PRODUCTS

vendor:oraclemodel:tekelec platform distributionscope:lteversion:7.7.1

Trust: 1.0

vendor:netappmodel:oncommand workflow automationscope:eqversion: -

Trust: 1.0

vendor:oraclemodel:communications offline mediation controllerscope:eqversion:12.0.0.3.0

Trust: 1.0

vendor:opensusemodel:leapscope:eqversion:15.1

Trust: 1.0

vendor:oraclemodel:communications diameter signaling routerscope:lteversion:8.5.0

Trust: 1.0

vendor:oraclemodel:communications performance intelligence centerscope:lteversion:10.3.0.2.1

Trust: 1.0

vendor:oraclemodel:communications billing and revenue managementscope:eqversion:12.0.0.2.0

Trust: 1.0

vendor:netappmodel:snap creator frameworkscope:eqversion: -

Trust: 1.0

vendor:oraclemodel:enterprise manager base platformscope:eqversion:13.4.0.0

Trust: 1.0

vendor:oraclemodel:communications lsmsscope:lteversion:13.4

Trust: 1.0

vendor:oraclemodel:communications eagle application processorscope:lteversion:16.4.0

Trust: 1.0

vendor:oraclemodel:communications eagle application processorscope:gteversion:16.1.0

Trust: 1.0

vendor:oraclemodel:communications performance intelligence centerscope:gteversion:10.3.0.0.0

Trust: 1.0

vendor:oraclemodel:communications performance intelligence centerscope:lteversion:10.4.0.3.1

Trust: 1.0

vendor:oraclemodel:sd-wan edgescope:eqversion:9.1

Trust: 1.0

vendor:oraclemodel:communications billing and revenue managementscope:eqversion:12.0.0.3.0

Trust: 1.0

vendor:oraclemodel:sd-wan edgescope:eqversion:8.2

Trust: 1.0

vendor:oraclemodel:communications eagle lnp application processorscope:eqversion:10.1

Trust: 1.0

vendor:oraclemodel:sd-wan edgescope:eqversion:9.0

Trust: 1.0

vendor:oraclemodel:communications performance intelligence centerscope:gteversion:10.4.0.1.0

Trust: 1.0

vendor:oraclemodel:communications diameter signaling routerscope:gteversion:8.0.0

Trust: 1.0

vendor:oraclemodel:tekelec platform distributionscope:gteversion:7.4.0

Trust: 1.0

vendor:fedoraprojectmodel:fedorascope:eqversion:31

Trust: 1.0

vendor:oraclemodel:communications lsmsscope:gteversion:13.1

Trust: 1.0

vendor:oraclemodel:configuration managerscope:eqversion:12.1.2.0.8

Trust: 1.0

vendor:perlmodel:perlscope:ltversion:5.30.3

Trust: 1.0

vendor:oraclemodel:communications eagle lnp application processorscope:eqversion:10.2

Trust: 1.0

sources: NVD: CVE-2020-12723

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2020-12723
value: HIGH

Trust: 1.0

VULHUB: VHN-165430
value: MEDIUM

Trust: 0.1

VULMON: CVE-2020-12723
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2020-12723
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.1

VULHUB: VHN-165430
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2020-12723
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 1.0

sources: VULHUB: VHN-165430 // VULMON: CVE-2020-12723 // NVD: CVE-2020-12723

PROBLEMTYPE DATA

problemtype:CWE-120

Trust: 1.1

sources: VULHUB: VHN-165430 // NVD: CVE-2020-12723

THREAT TYPE

remote

Trust: 0.2

sources: PACKETSTORM: 159726 // PACKETSTORM: 159707

TYPE

arbitrary

Trust: 0.2

sources: PACKETSTORM: 159726 // PACKETSTORM: 159707

PATCH

title:Red Hat: Moderate: perl security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20210557 - Security Advisory

Trust: 0.1

title:Red Hat: Moderate: perl security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20210343 - Security Advisory

Trust: 0.1

title:Debian CVElist Bug Report Logs: perl: regexp security issues: CVE-2020-10543, CVE-2020-10878, CVE-2020-12723url:https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=babe2a0596ddd17a5ad75cd3c30c45ff

Trust: 0.1

title:Amazon Linux 2: ALAS2-2021-1610url:https://vulmon.com/vendoradvisory?qidtp=amazon_linux2&qid=ALAS2-2021-1610

Trust: 0.1

title:Red Hat: Moderate: Red Hat Advanced Cluster Management 2.1.3 security and bug fix updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20210607 - Security Advisory

Trust: 0.1

title:IBM: Security Bulletin: Cloud Pak for Security contains security vulnerabilitiesurl:https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=08f19f0be4d5dcf7486e5abcdb671477

Trust: 0.1

title:Siemens Security Advisories: Siemens Security Advisoryurl:https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=ec6577109e640dac19a6ddb978afe82d

Trust: 0.1

title:visualGambasDeltaurl:https://github.com/D5n9sMatrix/visualGambasDelta

Trust: 0.1

title:perl5283deltaurl:https://github.com/D5n9sMatrix/perl5283delta

Trust: 0.1

title:editorGambasDeltaurl:https://github.com/D5n9sMatrix/editorGambasDelta

Trust: 0.1

title:EditorGambasDeltaurl:https://github.com/D5n9sMatrix/EditorGambasDelta

Trust: 0.1

title:litecoin-automationurl:https://github.com/gzukel/litecoin-automation

Trust: 0.1

title: - url:https://github.com/D5n9sMatrix/perltoc

Trust: 0.1

title:snykouturl:https://github.com/garethr/snykout

Trust: 0.1

title:myapp-container-jaxrsurl:https://github.com/akiraabe/myapp-container-jaxrs

Trust: 0.1

sources: VULMON: CVE-2020-12723

EXTERNAL IDS

db:NVDid:CVE-2020-12723

Trust: 2.0

db:PACKETSTORMid:159726

Trust: 0.2

db:PACKETSTORMid:159707

Trust: 0.2

db:PACKETSTORMid:161728

Trust: 0.2

db:PACKETSTORMid:161727

Trust: 0.2

db:PACKETSTORMid:161726

Trust: 0.2

db:PACKETSTORMid:162130

Trust: 0.2

db:PACKETSTORMid:162245

Trust: 0.2

db:PACKETSTORMid:161843

Trust: 0.2

db:PACKETSTORMid:162915

Trust: 0.1

db:PACKETSTORMid:161437

Trust: 0.1

db:PACKETSTORMid:162021

Trust: 0.1

db:PACKETSTORMid:161255

Trust: 0.1

db:PACKETSTORMid:161656

Trust: 0.1

db:CNVDid:CNVD-2020-37943

Trust: 0.1

db:CNNVDid:CNNVD-202006-146

Trust: 0.1

db:VULHUBid:VHN-165430

Trust: 0.1

db:VULMONid:CVE-2020-12723

Trust: 0.1

sources: VULHUB: VHN-165430 // VULMON: CVE-2020-12723 // PACKETSTORM: 161726 // PACKETSTORM: 159726 // PACKETSTORM: 161727 // PACKETSTORM: 161728 // PACKETSTORM: 162130 // PACKETSTORM: 162245 // PACKETSTORM: 159707 // PACKETSTORM: 161843 // NVD: CVE-2020-12723

REFERENCES

url:https://github.com/perl/perl5/blob/blead/pod/perl5303delta.pod

Trust: 1.1

url:https://github.com/perl/perl5/compare/v5.30.2...v5.30.3

Trust: 1.1

url:https://github.com/perl/perl5/commit/66bbb51b93253a3f87d11c2695cfb7bdb782184a

Trust: 1.1

url:https://security.netapp.com/advisory/ntap-20200611-0001/

Trust: 1.1

url:https://security.gentoo.org/glsa/202006-03

Trust: 1.1

url:https://github.com/perl/perl5/issues/16947

Trust: 1.1

url:https://github.com/perl/perl5/issues/17743

Trust: 1.1

url:https://www.oracle.com//security-alerts/cpujul2021.html

Trust: 1.1

url:https://www.oracle.com/security-alerts/cpuapr2021.html

Trust: 1.1

url:https://www.oracle.com/security-alerts/cpuapr2022.html

Trust: 1.1

url:https://www.oracle.com/security-alerts/cpujan2021.html

Trust: 1.1

url:https://www.oracle.com/security-alerts/cpujan2022.html

Trust: 1.1

url:https://www.oracle.com/security-alerts/cpuoct2020.html

Trust: 1.1

url:https://www.oracle.com/security-alerts/cpuoct2021.html

Trust: 1.1

url:http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00044.html

Trust: 1.1

url:https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/in3ttbo5ksgwe5irikdj5jsqrh7annxe/

Trust: 1.0

url:https://nvd.nist.gov/vuln/detail/cve-2020-12723

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2020-10878

Trust: 0.7

url:https://nvd.nist.gov/vuln/detail/cve-2020-10543

Trust: 0.7

url:https://listman.redhat.com/mailman/listinfo/rhsa-announce

Trust: 0.6

url:https://access.redhat.com/security/team/contact/

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2020-12723

Trust: 0.6

url:https://bugzilla.redhat.com/):

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2020-10878

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2020-10543

Trust: 0.5

url:https://access.redhat.com/security/updates/classification/#important

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2021-20228

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2021-20253

Trust: 0.3

url:https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2021-20191

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2021-20180

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2020-35678

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2021-20178

Trust: 0.3

url:https://access.redhat.com/security/updates/classification/#moderate

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2020-35678

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-20372

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-20178

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-20191

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-20253

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-20228

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2019-20372

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-20180

Trust: 0.2

url:https://usn.ubuntu.com/4602-1

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-17006

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2019-20907

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2019-12749

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-12401

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-12402

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-1971

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-14866

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-7595

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2018-20843

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2019-17006

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2019-11719

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-20388

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-12401

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2019-17023

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-17023

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-12749

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-6829

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2019-14866

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-8177

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-12403

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-12400

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2019-20388

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-19956

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-11756

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2019-11756

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-12243

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-12400

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2019-11727

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-12243

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-1971

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-11719

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-11727

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-12403

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2019-15903

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-15903

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2019-19956

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2019-17498

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-17498

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-20907

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2018-20843

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-12402

Trust: 0.2

url:https://access.redhat.com/security/team/key/

Trust: 0.2

url:https://access.redhat.com/articles/11258

Trust: 0.2

url:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/in3ttbo5ksgwe5irikdj5jsqrh7annxe/

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2021:0779

Trust: 0.1

url:https://usn.ubuntu.com/4602-2

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-11023

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-11023

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2021:0778

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-11022

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2016-5766

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-5766

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-11022

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-3281

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3281

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2021:0780

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-25211

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2021:1129

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-25645

Trust: 0.1

url:https://access.redhat.com/documentation/en-us/red_hat_3scale_api_management

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-25656

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-5188

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-19126

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-28374

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-14351

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-25705

Trust: 0.1

url:https://access.redhat.com/documentation/en-us/red_hat_3scale_api_management/2.10/html-single/installing_3scale/index

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-29661

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-20265

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-0427

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-14351

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-19532

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-7053

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-14040

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-5094

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-14040

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-5188

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-9283

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-19126

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-5094

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-0427

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-19532

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2021:1266

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/perl/5.30.0-9ubuntu0.2

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/perl/5.22.1-9ubuntu0.9

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/perl/5.26.1-6ubuntu0.5

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2021:0883

Trust: 0.1

sources: VULHUB: VHN-165430 // PACKETSTORM: 161726 // PACKETSTORM: 159726 // PACKETSTORM: 161727 // PACKETSTORM: 161728 // PACKETSTORM: 162130 // PACKETSTORM: 162245 // PACKETSTORM: 159707 // PACKETSTORM: 161843 // NVD: CVE-2020-12723

CREDITS

Red Hat

Trust: 0.6

sources: PACKETSTORM: 161726 // PACKETSTORM: 161727 // PACKETSTORM: 161728 // PACKETSTORM: 162130 // PACKETSTORM: 162245 // PACKETSTORM: 161843

SOURCES

db:VULHUBid:VHN-165430
db:VULMONid:CVE-2020-12723
db:PACKETSTORMid:161726
db:PACKETSTORMid:159726
db:PACKETSTORMid:161727
db:PACKETSTORMid:161728
db:PACKETSTORMid:162130
db:PACKETSTORMid:162245
db:PACKETSTORMid:159707
db:PACKETSTORMid:161843
db:NVDid:CVE-2020-12723

LAST UPDATE DATE

2026-07-12T22:15:43.091000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-165430date:2022-05-12T00:00:00
db:VULMONid:CVE-2020-12723date:2023-11-07T00:00:00
db:NVDid:CVE-2020-12723date:2026-06-17T02:52:11.603

SOURCES RELEASE DATE

db:VULHUBid:VHN-165430date:2020-06-05T00:00:00
db:VULMONid:CVE-2020-12723date:2020-06-05T00:00:00
db:PACKETSTORMid:161726date:2021-03-09T16:23:27
db:PACKETSTORMid:159726date:2020-10-27T16:58:55
db:PACKETSTORMid:161727date:2021-03-09T16:25:11
db:PACKETSTORMid:161728date:2021-03-09T16:26:05
db:PACKETSTORMid:162130date:2021-04-08T14:00:00
db:PACKETSTORMid:162245date:2021-04-20T16:17:10
db:PACKETSTORMid:159707date:2020-10-26T16:43:39
db:PACKETSTORMid:161843date:2021-03-17T14:36:02
db:NVDid:CVE-2020-12723date:2020-06-05T15:15:10.800