Details of VAR-202006-1807

ID

VAR-202006-1807

CVE

CVE-2020-10878

TITLE

Perl Integer overflow vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2020-006178

DESCRIPTION

Perl before 5.30.3 has an integer overflow related to mishandling of a "PL_regkind[OP(n)] == NOTHING" situation. A crafted regular expression could lead to malformed bytecode with a possibility of instruction injection. Perl Exists in an integer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. An input validation error vulnerability exists in Perl versions prior to 5.30.3. The vulnerability is caused by the program's incorrect handling of the \"PL_regkind[OP(n)] == NOTHING\" case. 8) - aarch64, noarch, ppc64le, s390x, x86_64 3. Bug Fix(es): * [perl-net-ping] wrong return value on failing DNS name lookup (BZ#1973177) 4. Description: Security Fix(es): * Addressed a security issue which can allow a malicious playbook author to elevate to the awx user from outside the isolated environment: CVE-2021-20253 * Upgraded to a more recent version of Django to address CVE-2021-3281. * Upgraded to a more recent version of autobahn to address CVE-2020-35678. For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Upgraded to the latest oVirt inventory plugin to resolve a number of inventory syncing issues that can occur on RHEL7. * Upgraded to the latest theforeman.foreman inventory plugin to resolve a few bugs and performance regressions. * Fixed several issues related to how Tower rotates its log files. * Fixed a bug which can prevent Tower from installing on RHEL8 with certain non-en_US.UTF-8 locales. * Fixed a bug which can cause unanticipated delays in certain playbook output. * Fixed a bug which can cause job runs to fail for playbooks that print certain types of raw binary data. * Fixed a bug which can cause unnecessary records in the Activity Stream when Automation Analytics data is collected. * Fixed a bug which can cause Tower PostgreSQL backups to fail when a non-default PostgreSQL username is specified. * Fixed a bug which can intermittently cause access to encrypted Tower settings to fail, resulting in failed job launches. * Fixed a bug which can cause certain long-running jobs running on isolated nodes to unexpectedly fail. Solution: For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/ index.html 4. Bugs fixed (https://bugzilla.redhat.com/): 1911314 - CVE-2020-35678 python-autobahn: allows redirect header injection 1919969 - CVE-2021-3281 django: Potential directory-traversal via archive.extract() 1928847 - CVE-2021-20253 ansible-tower: Privilege escalation via job isolation escape 5. ========================================================================== Ubuntu Security Notice USN-4602-1 October 26, 2020 perl vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS Summary: Several security issues were fixed in Perl. Software Description: - perl: Practical Extraction and Report Language Details: ManhND discovered that Perl incorrectly handled certain regular expressions. In environments where untrusted regular expressions are evaluated, a remote attacker could possibly use this issue to cause Perl to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2020-10543) Hugo van der Sanden and Slaven Rezic discovered that Perl incorrectly handled certain regular expressions. In environments where untrusted regular expressions are evaluated, a remote attacker could possibly use this issue to cause Perl to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2020-10878) Sergey Aleynikov discovered that Perl incorrectly handled certain regular expressions. In environments where untrusted regular expressions are evaluated, a remote attacker could possibly use this issue to cause Perl to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2020-12723) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 20.04 LTS: perl 5.30.0-9ubuntu0.2 Ubuntu 18.04 LTS: perl 5.26.1-6ubuntu0.5 Ubuntu 16.04 LTS: perl 5.22.1-9ubuntu0.9 In general, a standard system update will make all the necessary changes. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: perl security update Advisory ID: RHSA-2021:0883-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:0883 Issue date: 2021-03-16 CVE Names: CVE-2020-10543 CVE-2020-10878 CVE-2020-12723 ==================================================================== 1. Summary: An update for perl is now available for Red Hat Enterprise Linux 7.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux ComputeNode EUS (v. 7.6) - noarch, x86_64 Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6) - x86_64 Red Hat Enterprise Linux Server EUS (v. 7.6) - noarch, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional EUS (v. 7.6) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7) - aarch64, noarch, ppc64le, s390x Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7) - aarch64, ppc64le, s390x 3. Description: Perl is a high-level programming language that is commonly used for system administration utilities and web programming. Security Fix(es): * perl: heap-based buffer overflow in regular expression compiler leads to DoS (CVE-2020-10543) * perl: corruption of intermediate language state of compiled regular expression due to integer overflow leads to DoS (CVE-2020-10878) * perl: corruption of intermediate language state of compiled regular expression due to recursive S_study_chunk() calls leads to DoS (CVE-2020-12723) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1837975 - CVE-2020-10543 perl: heap-based buffer overflow in regular expression compiler leads to DoS 1837988 - CVE-2020-10878 perl: corruption of intermediate language state of compiled regular expression due to integer overflow leads to DoS 1838000 - CVE-2020-12723 perl: corruption of intermediate language state of compiled regular expression due to recursive S_study_chunk() calls leads to DoS 1933589 - perl FTBFS: ../cpan/Time-Local/t/Local.t test fails in year 2020 [rhel-7.6.z] 6. Package List: Red Hat Enterprise Linux ComputeNode EUS (v. 7.6): Source: perl-5.16.3-294.el7_6.1.src.rpm noarch: perl-CPAN-1.9800-294.el7_6.1.noarch.rpm perl-ExtUtils-CBuilder-0.28.2.6-294.el7_6.1.noarch.rpm perl-ExtUtils-Embed-1.30-294.el7_6.1.noarch.rpm perl-ExtUtils-Install-1.58-294.el7_6.1.noarch.rpm perl-IO-Zlib-1.10-294.el7_6.1.noarch.rpm perl-Locale-Maketext-Simple-0.21-294.el7_6.1.noarch.rpm perl-Module-CoreList-2.76.02-294.el7_6.1.noarch.rpm perl-Module-Loaded-0.08-294.el7_6.1.noarch.rpm perl-Object-Accessor-0.42-294.el7_6.1.noarch.rpm perl-Package-Constants-0.02-294.el7_6.1.noarch.rpm perl-Pod-Escapes-1.04-294.el7_6.1.noarch.rpm x86_64: perl-5.16.3-294.el7_6.1.x86_64.rpm perl-Time-Piece-1.20.1-294.el7_6.1.x86_64.rpm perl-core-5.16.3-294.el7_6.1.x86_64.rpm perl-debuginfo-5.16.3-294.el7_6.1.i686.rpm perl-debuginfo-5.16.3-294.el7_6.1.x86_64.rpm perl-devel-5.16.3-294.el7_6.1.i686.rpm perl-devel-5.16.3-294.el7_6.1.x86_64.rpm perl-libs-5.16.3-294.el7_6.1.i686.rpm perl-libs-5.16.3-294.el7_6.1.x86_64.rpm perl-macros-5.16.3-294.el7_6.1.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6): x86_64: perl-debuginfo-5.16.3-294.el7_6.1.x86_64.rpm perl-tests-5.16.3-294.el7_6.1.x86_64.rpm Red Hat Enterprise Linux Server EUS (v. 7.6): Source: perl-5.16.3-294.el7_6.1.src.rpm noarch: perl-CPAN-1.9800-294.el7_6.1.noarch.rpm perl-ExtUtils-CBuilder-0.28.2.6-294.el7_6.1.noarch.rpm perl-ExtUtils-Embed-1.30-294.el7_6.1.noarch.rpm perl-ExtUtils-Install-1.58-294.el7_6.1.noarch.rpm perl-IO-Zlib-1.10-294.el7_6.1.noarch.rpm perl-Locale-Maketext-Simple-0.21-294.el7_6.1.noarch.rpm perl-Module-CoreList-2.76.02-294.el7_6.1.noarch.rpm perl-Module-Loaded-0.08-294.el7_6.1.noarch.rpm perl-Object-Accessor-0.42-294.el7_6.1.noarch.rpm perl-Package-Constants-0.02-294.el7_6.1.noarch.rpm perl-Pod-Escapes-1.04-294.el7_6.1.noarch.rpm ppc64: perl-5.16.3-294.el7_6.1.ppc64.rpm perl-Time-Piece-1.20.1-294.el7_6.1.ppc64.rpm perl-core-5.16.3-294.el7_6.1.ppc64.rpm perl-debuginfo-5.16.3-294.el7_6.1.ppc.rpm perl-debuginfo-5.16.3-294.el7_6.1.ppc64.rpm perl-devel-5.16.3-294.el7_6.1.ppc.rpm perl-devel-5.16.3-294.el7_6.1.ppc64.rpm perl-libs-5.16.3-294.el7_6.1.ppc.rpm perl-libs-5.16.3-294.el7_6.1.ppc64.rpm perl-macros-5.16.3-294.el7_6.1.ppc64.rpm ppc64le: perl-5.16.3-294.el7_6.1.ppc64le.rpm perl-Time-Piece-1.20.1-294.el7_6.1.ppc64le.rpm perl-core-5.16.3-294.el7_6.1.ppc64le.rpm perl-debuginfo-5.16.3-294.el7_6.1.ppc64le.rpm perl-devel-5.16.3-294.el7_6.1.ppc64le.rpm perl-libs-5.16.3-294.el7_6.1.ppc64le.rpm perl-macros-5.16.3-294.el7_6.1.ppc64le.rpm s390x: perl-5.16.3-294.el7_6.1.s390x.rpm perl-Time-Piece-1.20.1-294.el7_6.1.s390x.rpm perl-core-5.16.3-294.el7_6.1.s390x.rpm perl-debuginfo-5.16.3-294.el7_6.1.s390.rpm perl-debuginfo-5.16.3-294.el7_6.1.s390x.rpm perl-devel-5.16.3-294.el7_6.1.s390.rpm perl-devel-5.16.3-294.el7_6.1.s390x.rpm perl-libs-5.16.3-294.el7_6.1.s390.rpm perl-libs-5.16.3-294.el7_6.1.s390x.rpm perl-macros-5.16.3-294.el7_6.1.s390x.rpm x86_64: perl-5.16.3-294.el7_6.1.x86_64.rpm perl-Time-Piece-1.20.1-294.el7_6.1.x86_64.rpm perl-core-5.16.3-294.el7_6.1.x86_64.rpm perl-debuginfo-5.16.3-294.el7_6.1.i686.rpm perl-debuginfo-5.16.3-294.el7_6.1.x86_64.rpm perl-devel-5.16.3-294.el7_6.1.i686.rpm perl-devel-5.16.3-294.el7_6.1.x86_64.rpm perl-libs-5.16.3-294.el7_6.1.i686.rpm perl-libs-5.16.3-294.el7_6.1.x86_64.rpm perl-macros-5.16.3-294.el7_6.1.x86_64.rpm Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7): Source: perl-5.16.3-294.el7_6.1.src.rpm aarch64: perl-5.16.3-294.el7_6.1.aarch64.rpm perl-Time-Piece-1.20.1-294.el7_6.1.aarch64.rpm perl-core-5.16.3-294.el7_6.1.aarch64.rpm perl-debuginfo-5.16.3-294.el7_6.1.aarch64.rpm perl-devel-5.16.3-294.el7_6.1.aarch64.rpm perl-libs-5.16.3-294.el7_6.1.aarch64.rpm perl-macros-5.16.3-294.el7_6.1.aarch64.rpm noarch: perl-CPAN-1.9800-294.el7_6.1.noarch.rpm perl-ExtUtils-CBuilder-0.28.2.6-294.el7_6.1.noarch.rpm perl-ExtUtils-Embed-1.30-294.el7_6.1.noarch.rpm perl-ExtUtils-Install-1.58-294.el7_6.1.noarch.rpm perl-IO-Zlib-1.10-294.el7_6.1.noarch.rpm perl-Locale-Maketext-Simple-0.21-294.el7_6.1.noarch.rpm perl-Module-CoreList-2.76.02-294.el7_6.1.noarch.rpm perl-Module-Loaded-0.08-294.el7_6.1.noarch.rpm perl-Object-Accessor-0.42-294.el7_6.1.noarch.rpm perl-Package-Constants-0.02-294.el7_6.1.noarch.rpm perl-Pod-Escapes-1.04-294.el7_6.1.noarch.rpm ppc64le: perl-5.16.3-294.el7_6.1.ppc64le.rpm perl-Time-Piece-1.20.1-294.el7_6.1.ppc64le.rpm perl-core-5.16.3-294.el7_6.1.ppc64le.rpm perl-debuginfo-5.16.3-294.el7_6.1.ppc64le.rpm perl-devel-5.16.3-294.el7_6.1.ppc64le.rpm perl-libs-5.16.3-294.el7_6.1.ppc64le.rpm perl-macros-5.16.3-294.el7_6.1.ppc64le.rpm s390x: perl-5.16.3-294.el7_6.1.s390x.rpm perl-Time-Piece-1.20.1-294.el7_6.1.s390x.rpm perl-core-5.16.3-294.el7_6.1.s390x.rpm perl-debuginfo-5.16.3-294.el7_6.1.s390.rpm perl-debuginfo-5.16.3-294.el7_6.1.s390x.rpm perl-devel-5.16.3-294.el7_6.1.s390.rpm perl-devel-5.16.3-294.el7_6.1.s390x.rpm perl-libs-5.16.3-294.el7_6.1.s390.rpm perl-libs-5.16.3-294.el7_6.1.s390x.rpm perl-macros-5.16.3-294.el7_6.1.s390x.rpm Red Hat Enterprise Linux Server Optional EUS (v. 7.6): ppc64: perl-debuginfo-5.16.3-294.el7_6.1.ppc64.rpm perl-tests-5.16.3-294.el7_6.1.ppc64.rpm ppc64le: perl-debuginfo-5.16.3-294.el7_6.1.ppc64le.rpm perl-tests-5.16.3-294.el7_6.1.ppc64le.rpm s390x: perl-debuginfo-5.16.3-294.el7_6.1.s390x.rpm perl-tests-5.16.3-294.el7_6.1.s390x.rpm x86_64: perl-debuginfo-5.16.3-294.el7_6.1.x86_64.rpm perl-tests-5.16.3-294.el7_6.1.x86_64.rpm Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7): aarch64: perl-debuginfo-5.16.3-294.el7_6.1.aarch64.rpm perl-tests-5.16.3-294.el7_6.1.aarch64.rpm ppc64le: perl-debuginfo-5.16.3-294.el7_6.1.ppc64le.rpm perl-tests-5.16.3-294.el7_6.1.ppc64le.rpm s390x: perl-debuginfo-5.16.3-294.el7_6.1.s390x.rpm perl-tests-5.16.3-294.el7_6.1.s390x.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2020-10543 https://access.redhat.com/security/cve/CVE-2020-10878 https://access.redhat.com/security/cve/CVE-2020-12723 https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2021 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYFDHuNzjgjWX9erEAQhhNA/9GQIs+FbNQuFMBT9C+/U2BUo/umK4rSk4 Je72FDg879OTTVSXCEsyWVJc+rgh5tvEMaN/89LXmJdOFngSjN9FBK3LFOMONOgD mhr9atQAGvJyUv9pzuKLAxd4fPab365w5OeID7GFcpWKV+EoutUkr+imnkLk1jQ5 eEzk8RFk0s6ZaAg/bpxWDbeAM1rGk6XQ+eZ0mOZjqiP3qb8nCVhg6kWChcxQMsJs 5MGzXQduqmFViwIgRJ1BiRTjg8iOLQ8kPwh8DRYKKArIkNoFQeMpNGQurYWZ32mg pgLo2/anveDKgr5AhphpNC/UveyFlVc7FrvSyB4pzf11h2EJ1eXcts56fXgmOYRX UOSFI0tzFlM+TrGicY9QpVlWZaO6TFdOAog2eZjUB5iFrK+Zha//vsqXlsceFBjw j/DHO3oeV1RP353Ukg2fi4Jusrw94wfPJd++q5PiS/gI2q5MsvN4gBE7pR/jgI9I 95p20J86uiuvYHp12nMvtOYXaTGB1VZOYjEeofRnWFMR1LstC7z1KKldUS6Mxrxq A1kGH2yGx1qwrVfS9D0NeqrTrO/Tht01K0O5S13iidHm+Jg/Gv7xqvU0Ph3KVFiZ 0LTEUZ09XX5/pCzbawmb0Tyy86M97o7RIvJVdqWQXR1GNP6KrFYjDmMuAVNAc3iZ rPmCgN8s+cI=aYxA -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce

Trust: 2.34

sources: NVD: CVE-2020-10878 // JVNDB: JVNDB-2020-006178 // VULHUB: VHN-163400 // VULMON: CVE-2020-10878 // PACKETSTORM: 162650 // PACKETSTORM: 163586 // PACKETSTORM: 161727 // PACKETSTORM: 161728 // PACKETSTORM: 159707 // PACKETSTORM: 161843

AFFECTED PRODUCTS

vendor:	oracle	model:	communications lsms	scope:	gte	version:	13.1	Trust: 1.0
vendor:	oracle	model:	communications offline mediation controller	scope:	eq	version:	12.0.0.3.0	Trust: 1.0
vendor:	oracle	model:	communications pricing design center	scope:	eq	version:	12.0.0.3.0	Trust: 1.0
vendor:	oracle	model:	communications performance intelligence center	scope:	gte	version:	10.4.0.1.0	Trust: 1.0
vendor:	oracle	model:	communications eagle application processor	scope:	lte	version:	16.4.0	Trust: 1.0
vendor:	oracle	model:	sd-wan aware	scope:	eq	version:	8.2	Trust: 1.0
vendor:	fedoraproject	model:	fedora	scope:	eq	version:	31	Trust: 1.0
vendor:	oracle	model:	enterprise manager base platform	scope:	eq	version:	13.4.0.0	Trust: 1.0
vendor:	oracle	model:	communications eagle lnp application processor	scope:	eq	version:	10.1	Trust: 1.0
vendor:	oracle	model:	communications performance intelligence center	scope:	lte	version:	10.4.0.3.1	Trust: 1.0
vendor:	oracle	model:	tekelec platform distribution	scope:	gte	version:	7.4.0	Trust: 1.0
vendor:	oracle	model:	communications billing and revenue management	scope:	eq	version:	12.0.0.3.0	Trust: 1.0
vendor:	perl	model:	perl	scope:	lt	version:	5.30.3	Trust: 1.0
vendor:	oracle	model:	communications eagle lnp application processor	scope:	eq	version:	46.7	Trust: 1.0
vendor:	oracle	model:	communications eagle lnp application processor	scope:	eq	version:	46.9	Trust: 1.0
vendor:	oracle	model:	communications performance intelligence center	scope:	gte	version:	10.3.0.0.0	Trust: 1.0
vendor:	oracle	model:	communications diameter signaling router	scope:	lte	version:	8.5.0	Trust: 1.0
vendor:	oracle	model:	communications performance intelligence center	scope:	lte	version:	10.3.0.2.1	Trust: 1.0
vendor:	netapp	model:	snap creator framework	scope:	eq	version:	-	Trust: 1.0
vendor:	oracle	model:	sd-wan aware	scope:	eq	version:	9.0	Trust: 1.0
vendor:	oracle	model:	tekelec platform distribution	scope:	lte	version:	7.7.1	Trust: 1.0
vendor:	oracle	model:	configuration manager	scope:	eq	version:	12.1.2.0.8	Trust: 1.0
vendor:	oracle	model:	communications eagle lnp application processor	scope:	eq	version:	46.8	Trust: 1.0
vendor:	oracle	model:	communications lsms	scope:	lte	version:	13.4	Trust: 1.0
vendor:	oracle	model:	communications eagle lnp application processor	scope:	eq	version:	10.2	Trust: 1.0
vendor:	oracle	model:	sd-wan aware	scope:	eq	version:	9.1	Trust: 1.0
vendor:	oracle	model:	communications diameter signaling router	scope:	gte	version:	8.0.0	Trust: 1.0
vendor:	opensuse	model:	leap	scope:	eq	version:	15.1	Trust: 1.0
vendor:	oracle	model:	communications billing and revenue management	scope:	eq	version:	12.0.0.2.0	Trust: 1.0
vendor:	oracle	model:	communications eagle application processor	scope:	gte	version:	16.1.0	Trust: 1.0
vendor:	netapp	model:	oncommand workflow automation	scope:	eq	version:	-	Trust: 1.0
vendor:	fedora	model:	fedora	scope:	-	version:	-	Trust: 0.8
vendor:	the perl	model:	perl	scope:	eq	version:	5.30.3	Trust: 0.8

sources: JVNDB: JVNDB-2020-006178 // NVD: CVE-2020-10878

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2020-10878
value:	HIGH
Trust: 1.0
NVD:	JVNDB-2020-006178
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-202006-148
value:	HIGH
Trust: 0.6
VULHUB:	VHN-163400
value:	HIGH
Trust: 0.1
VULMON:	CVE-2020-10878
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2020-10878
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.1
NVD:	JVNDB-2020-006178
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8
VULHUB:	VHN-163400
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2020-10878
baseSeverity:	HIGH
baseScore:	8.6
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	LOW
integrityImpact:	LOW
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	4.7
version:	3.1
Trust: 1.0
NVD:	JVNDB-2020-006178
baseSeverity:	HIGH
baseScore:	8.6
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	LOW
integrityImpact:	LOW
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-163400 // VULMON: CVE-2020-10878 // JVNDB: JVNDB-2020-006178 // CNNVD: CNNVD-202006-148 // NVD: CVE-2020-10878

PROBLEMTYPE DATA

problemtype:

CWE-190

Trust: 1.9

sources: VULHUB: VHN-163400 // JVNDB: JVNDB-2020-006178 // NVD: CVE-2020-10878

THREAT TYPE

remote

Trust: 0.7

sources: PACKETSTORM: 159707 // CNNVD: CNNVD-202006-148

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-202006-148

CONFIGURATIONS

sources: JVNDB: JVNDB-2020-006178

PATCH

title:	FEDORA-2020-fd73c08076	url:	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IN3TTBO5KSGWE5IRIKDJ5JSQRH7ANNXE/	Trust: 0.8
title:	study_chunk: extract rck_elide_nothing	url:	https://github.com/perl/perl5/commit/0a320d753fe7fca03df259a4dfd8e641e51edaa8	Trust: 0.8
title:	regcomp: use long jumps if there is any possibility of overflow	url:	https://github.com/perl/perl5/commit/3295b48defa0f8570114877b063fe546dd348b3c	Trust: 0.8
title:	perl5/pod/perl5303delta.pod	url:	https://github.com/Perl/perl5/blob/blead/pod/perl5303delta.pod	Trust: 0.8
title:	Comparing changes	url:	https://github.com/Perl/perl5/compare/v5.30.2...v5.30.3	Trust: 0.8
title:	Perl Enter the fix for the verification error vulnerability	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=122041	Trust: 0.6
title:	Red Hat: Moderate: perl security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20210343 - Security Advisory	Trust: 0.1
title:	Debian CVElist Bug Report Logs: perl: regexp security issues: CVE-2020-10543, CVE-2020-10878, CVE-2020-12723	url:	https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=babe2a0596ddd17a5ad75cd3c30c45ff	Trust: 0.1
title:	Amazon Linux 2: ALAS2-2021-1610	url:	https://vulmon.com/vendoradvisory?qidtp=amazon_linux2&qid=ALAS2-2021-1610	Trust: 0.1
title:	Red Hat: Moderate: Red Hat Advanced Cluster Management 2.1.3 security and bug fix update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20210607 - Security Advisory	Trust: 0.1
title:	IBM: Security Bulletin: Cloud Pak for Security contains security vulnerabilities	url:	https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=08f19f0be4d5dcf7486e5abcdb671477	Trust: 0.1
title:	Siemens Security Advisories: Siemens Security Advisory	url:	https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=ec6577109e640dac19a6ddb978afe82d	Trust: 0.1
title:	AmazonECRScanSecurityHub	url:	https://github.com/hisnakad/AmazonECRScanSecurityHub	Trust: 0.1
title:	-	url:	https://github.com/hisashin0728/AmazonECRScanSecurityHub	Trust: 0.1
title:	-	url:	https://github.com/snigdhasambitak/cks	Trust: 0.1
title:	publish-security-assessments	url:	https://github.com/Azure/publish-security-assessments	Trust: 0.1
title:	misc	url:	https://github.com/dragon7-fc/misc	Trust: 0.1
title:	visualGambasDelta	url:	https://github.com/D5n9sMatrix/visualGambasDelta	Trust: 0.1
title:	perl5283delta	url:	https://github.com/D5n9sMatrix/perl5283delta	Trust: 0.1
title:	editorGambasDelta	url:	https://github.com/D5n9sMatrix/editorGambasDelta	Trust: 0.1
title:	EditorGambasDelta	url:	https://github.com/D5n9sMatrix/EditorGambasDelta	Trust: 0.1
title:	CICD_CloudBuild_01	url:	https://github.com/pbavinck/CICD_CloudBuild_01	Trust: 0.1
title:	gcp-kritis-signer	url:	https://github.com/binxio/gcp-kritis-signer	Trust: 0.1
title:	-	url:	https://github.com/actions-marketplace-validations/Azure_publish-security-assessments	Trust: 0.1
title:	gcr-kritis-signer	url:	https://github.com/binxio/gcr-kritis-signer	Trust: 0.1
title:	litecoin-automation	url:	https://github.com/gzukel/litecoin-automation	Trust: 0.1
title:	-	url:	https://github.com/D5n9sMatrix/perltoc	Trust: 0.1
title:	snykout	url:	https://github.com/garethr/snykout	Trust: 0.1
title:	myapp-container-jaxrs	url:	https://github.com/akiraabe/myapp-container-jaxrs	Trust: 0.1

sources: VULMON: CVE-2020-10878 // JVNDB: JVNDB-2020-006178 // CNNVD: CNNVD-202006-148

EXTERNAL IDS

db:	NVD	id:	CVE-2020-10878	Trust: 3.2
db:	PACKETSTORM	id:	162650	Trust: 0.8
db:	PACKETSTORM	id:	159707	Trust: 0.8
db:	PACKETSTORM	id:	161728	Trust: 0.8
db:	PACKETSTORM	id:	161843	Trust: 0.8
db:	JVNDB	id:	JVNDB-2020-006178	Trust: 0.8
db:	PACKETSTORM	id:	159726	Trust: 0.7
db:	PACKETSTORM	id:	162021	Trust: 0.7
db:	PACKETSTORM	id:	162877	Trust: 0.7
db:	PACKETSTORM	id:	161255	Trust: 0.7
db:	PACKETSTORM	id:	161656	Trust: 0.7
db:	PACKETSTORM	id:	162837	Trust: 0.7
db:	PACKETSTORM	id:	162245	Trust: 0.7
db:	PACKETSTORM	id:	163188	Trust: 0.7
db:	CNNVD	id:	CNNVD-202006-148	Trust: 0.7
db:	PACKETSTORM	id:	163586	Trust: 0.7
db:	CS-HELP	id:	SB2021042131	Trust: 0.6
db:	CS-HELP	id:	SB2021042519	Trust: 0.6
db:	CS-HELP	id:	SB2021072164	Trust: 0.6
db:	CS-HELP	id:	SB2021052031	Trust: 0.6
db:	CS-HELP	id:	SB2021092220	Trust: 0.6
db:	CS-HELP	id:	SB2022012754	Trust: 0.6
db:	CS-HELP	id:	SB2021072268	Trust: 0.6
db:	PACKETSTORM	id:	158058	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.1338	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.0791	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.2604	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.2781	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.0925	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.1725	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.0371	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.1096	Trust: 0.6
db:	AUSCERT	id:	ESB-2022.0499	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.2180	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.0845	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.1820	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.1866	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.2469	Trust: 0.6
db:	PACKETSTORM	id:	161727	Trust: 0.2
db:	PACKETSTORM	id:	161726	Trust: 0.1
db:	CNVD	id:	CNVD-2020-53545	Trust: 0.1
db:	VULHUB	id:	VHN-163400	Trust: 0.1
db:	VULMON	id:	CVE-2020-10878	Trust: 0.1

sources: VULHUB: VHN-163400 // VULMON: CVE-2020-10878 // JVNDB: JVNDB-2020-006178 // PACKETSTORM: 162650 // PACKETSTORM: 163586 // PACKETSTORM: 161727 // PACKETSTORM: 161728 // PACKETSTORM: 159707 // PACKETSTORM: 161843 // CNNVD: CNNVD-202006-148 // NVD: CVE-2020-10878

REFERENCES

url:	https://www.oracle.com/security-alerts/cpuapr2021.html	Trust: 2.3
url:	https://www.oracle.com/security-alerts/cpuoct2020.html	Trust: 2.3
url:	https://www.oracle.com/security-alerts/cpuoct2021.html	Trust: 2.3
url:	https://nvd.nist.gov/vuln/detail/cve-2020-10878	Trust: 2.0
url:	https://github.com/perl/perl5/blob/blead/pod/perl5303delta.pod	Trust: 1.7
url:	https://github.com/perl/perl5/compare/v5.30.2...v5.30.3	Trust: 1.7
url:	https://github.com/perl/perl5/commit/0a320d753fe7fca03df259a4dfd8e641e51edaa8	Trust: 1.7
url:	https://github.com/perl/perl5/commit/3295b48defa0f8570114877b063fe546dd348b3c	Trust: 1.7
url:	https://security.netapp.com/advisory/ntap-20200611-0001/	Trust: 1.7
url:	https://security.gentoo.org/glsa/202006-03	Trust: 1.7
url:	https://www.oracle.com//security-alerts/cpujul2021.html	Trust: 1.7
url:	https://www.oracle.com/security-alerts/cpuapr2022.html	Trust: 1.7
url:	https://www.oracle.com/security-alerts/cpujan2021.html	Trust: 1.7
url:	https://www.oracle.com/security-alerts/cpujan2022.html	Trust: 1.7
url:	http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00044.html	Trust: 1.7
url:	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/in3ttbo5ksgwe5irikdj5jsqrh7annxe/	Trust: 1.0
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-10878	Trust: 0.8
url:	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/in3ttbo5ksgwe5irikdj5jsqrh7annxe/	Trust: 0.7
url:	https://nvd.nist.gov/vuln/detail/cve-2020-10543	Trust: 0.6
url:	https://packetstormsecurity.com/files/162650/red-hat-security-advisory-2021-1678-01.html	Trust: 0.6
url:	https://packetstormsecurity.com/files/161255/red-hat-security-advisory-2021-0343-01.html	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021072164	Trust: 0.6
url:	https://vigilance.fr/vulnerability/perl-core-integer-overflow-via-regular-expression-malformed-bytecode-32366	Trust: 0.6
url:	https://www.ibm.com/blogs/psirt/security-bulletin-cloud-pak-for-security-contains-security-vulnerabilities/	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.1866	Trust: 0.6
url:	https://support.apple.com/en-us/ht211289	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.1820	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021072268	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.1725	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021052031	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.0371/	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.2781	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2022012754	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.1096	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021042131	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.2180	Trust: 0.6
url:	https://packetstormsecurity.com/files/161656/red-hat-security-advisory-2021-0719-01.html	Trust: 0.6
url:	https://www.oracle.com/security-alerts/cpujul2021.html	Trust: 0.6
url:	https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-in-perl-affect-aix-cve-2020-10543-cve-2020-10878-and-cve-2020-12723/	Trust: 0.6
url:	https://packetstormsecurity.com/files/163188/red-hat-security-advisory-2021-2461-01.html	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2022.0499	Trust: 0.6
url:	https://packetstormsecurity.com/files/161728/red-hat-security-advisory-2021-0780-01.html	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.0925	Trust: 0.6
url:	https://packetstormsecurity.com/files/158058/gentoo-linux-security-advisory-202006-03.html	Trust: 0.6
url:	https://packetstormsecurity.com/files/161843/red-hat-security-advisory-2021-0883-01.html	Trust: 0.6
url:	https://packetstormsecurity.com/files/159707/ubuntu-security-notice-usn-4602-1.html	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.1338	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021092220	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.2469	Trust: 0.6
url:	https://packetstormsecurity.com/files/162021/red-hat-security-advisory-2021-1032-01.html	Trust: 0.6
url:	https://packetstormsecurity.com/files/162245/red-hat-security-advisory-2021-1266-01.html	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021042519	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.0845	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.2604	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.0791	Trust: 0.6
url:	https://packetstormsecurity.com/files/162837/red-hat-security-advisory-2021-2136-01.html	Trust: 0.6
url:	https://packetstormsecurity.com/files/162877/red-hat-security-advisory-2021-2121-01.html	Trust: 0.6
url:	https://packetstormsecurity.com/files/163586/red-hat-security-advisory-2021-2792-01.html	Trust: 0.6
url:	https://packetstormsecurity.com/files/159726/ubuntu-security-notice-usn-4602-2.html	Trust: 0.6
url:	https://access.redhat.com/security/cve/cve-2020-10543	Trust: 0.5
url:	https://listman.redhat.com/mailman/listinfo/rhsa-announce	Trust: 0.5
url:	https://access.redhat.com/security/cve/cve-2020-10878	Trust: 0.5
url:	https://bugzilla.redhat.com/):	Trust: 0.5
url:	https://access.redhat.com/security/team/contact/	Trust: 0.5
url:	https://nvd.nist.gov/vuln/detail/cve-2020-12723	Trust: 0.4
url:	https://access.redhat.com/security/updates/classification/#moderate	Trust: 0.3
url:	https://access.redhat.com/articles/11258	Trust: 0.3
url:	https://access.redhat.com/security/team/key/	Trust: 0.3
url:	https://access.redhat.com/security/cve/cve-2020-12723	Trust: 0.3
url:	https://access.redhat.com/security/updates/classification/#important	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2021-20228	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2021-20253	Trust: 0.2
url:	https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2021-20191	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2021-20180	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2021-20178	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2020-35678	Trust: 0.2
url:	https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.4_release_notes/	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2021:1678	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2021:2792	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-17006	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-20907	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-11023	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-12749	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-12401	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-12402	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-1971	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-14866	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-20372	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-7595	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-20843	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-17006	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-11719	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-20388	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-12401	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-17023	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-11023	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-17023	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-12749	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-6829	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2021:0778	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-14866	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-8177	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-12403	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-11022	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-12400	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-20388	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-19956	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-11756	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-11756	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-12243	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-12400	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-11727	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-12243	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-1971	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-11719	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-11727	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2016-5766	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-12403	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-15903	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-5766	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-15903	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-20372	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-19956	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-11022	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-17498	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-17498	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-20907	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2018-20843	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-12402	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-35678	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3281	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-20178	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-20191	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-3281	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-20253	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-20228	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2021:0780	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-20180	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/perl/5.30.0-9ubuntu0.2	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/perl/5.22.1-9ubuntu0.9	Trust: 0.1
url:	https://usn.ubuntu.com/4602-1	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/perl/5.26.1-6ubuntu0.5	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2021:0883	Trust: 0.1

sources: VULHUB: VHN-163400 // JVNDB: JVNDB-2020-006178 // PACKETSTORM: 162650 // PACKETSTORM: 163586 // PACKETSTORM: 161727 // PACKETSTORM: 161728 // PACKETSTORM: 159707 // PACKETSTORM: 161843 // CNNVD: CNNVD-202006-148 // NVD: CVE-2020-10878

CREDITS

Red Hat

Trust: 1.1

sources: PACKETSTORM: 162650 // PACKETSTORM: 163586 // PACKETSTORM: 161727 // PACKETSTORM: 161728 // PACKETSTORM: 161843 // CNNVD: CNNVD-202006-148

SOURCES

db:	VULHUB	id:	VHN-163400
db:	VULMON	id:	CVE-2020-10878
db:	JVNDB	id:	JVNDB-2020-006178
db:	PACKETSTORM	id:	162650
db:	PACKETSTORM	id:	163586
db:	PACKETSTORM	id:	161727
db:	PACKETSTORM	id:	161728
db:	PACKETSTORM	id:	159707
db:	PACKETSTORM	id:	161843
db:	CNNVD	id:	CNNVD-202006-148
db:	NVD	id:	CVE-2020-10878

LAST UPDATE DATE

2025-04-28T22:13:03.592000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-163400	date:	2022-05-12T00:00:00
db:	VULMON	id:	CVE-2020-10878	date:	2023-11-07T00:00:00
db:	JVNDB	id:	JVNDB-2020-006178	date:	2020-07-02T00:00:00
db:	CNNVD	id:	CNNVD-202006-148	date:	2022-04-20T00:00:00
db:	NVD	id:	CVE-2020-10878	date:	2024-11-21T04:56:16.367

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-163400	date:	2020-06-05T00:00:00
db:	VULMON	id:	CVE-2020-10878	date:	2020-06-05T00:00:00
db:	JVNDB	id:	JVNDB-2020-006178	date:	2020-07-02T00:00:00
db:	PACKETSTORM	id:	162650	date:	2021-05-19T14:04:40
db:	PACKETSTORM	id:	163586	date:	2021-07-21T16:03:08
db:	PACKETSTORM	id:	161727	date:	2021-03-09T16:25:11
db:	PACKETSTORM	id:	161728	date:	2021-03-09T16:26:05
db:	PACKETSTORM	id:	159707	date:	2020-10-26T16:43:39
db:	PACKETSTORM	id:	161843	date:	2021-03-17T14:36:02
db:	CNNVD	id:	CNNVD-202006-148	date:	2020-06-02T00:00:00
db:	NVD	id:	CVE-2020-10878	date:	2020-06-05T14:15:10.527