Details of VAR-202006-1838

ID

VAR-202006-1838

CVE

CVE-2020-10543

TITLE

Perl Out-of-bounds write vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2020-006177

DESCRIPTION

Perl before 5.30.3 on 32-bit platforms allows a heap-based buffer overflow because nested regular expression quantifiers have an integer overflow. Perl Is vulnerable to out-of-bounds writes.Information is tampered with and service operation is interrupted (DoS) It may be put into a state. An attacker could exploit this vulnerability to cause a denial of service. 7.7) - ppc64, ppc64le, s390x, x86_64 3. Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. Bug fix: * RHACM 2.0.8 images (BZ #1915461) 3. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. Bugs fixed (https://bugzilla.redhat.com/): 1915461 - RHACM 2.0.8 images 1921650 - CVE-2021-3121 gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation 5. 8.2) - aarch64, noarch, ppc64le, s390x, x86_64 3. Bug Fix(es): * [perl-net-ping] wrong return value on failing DNS name lookup (BZ#1973177) 4. * Improved analytics collection to collect the playbook status for all hosts in a playbook run 3. Description: Security Fix(es): * Addressed a security issue which can allow a malicious playbook author to elevate to the awx user from outside the isolated environment: CVE-2021-20253 * Upgraded to a more recent version of Django to address CVE-2021-3281. * Upgraded to a more recent version of autobahn to address CVE-2020-35678. For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Upgraded to the latest oVirt inventory plugin to resolve a number of inventory syncing issues that can occur on RHEL7. * Upgraded to the latest theforeman.foreman inventory plugin to resolve a few bugs and performance regressions. * Fixed several issues related to how Tower rotates its log files. * Fixed a bug which can prevent Tower from installing on RHEL8 with certain non-en_US.UTF-8 locales. * Fixed a bug which can cause unanticipated delays in certain playbook output. * Fixed a bug which can cause job runs to fail for playbooks that print certain types of raw binary data. * Fixed a bug which can cause unnecessary records in the Activity Stream when Automation Analytics data is collected. * Fixed a bug which can cause Tower PostgreSQL backups to fail when a non-default PostgreSQL username is specified. * Fixed a bug which can intermittently cause access to encrypted Tower settings to fail, resulting in failed job launches. * Fixed a bug which can cause certain long-running jobs running on isolated nodes to unexpectedly fail. Solution: For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/ index.html 4. Bugs fixed (https://bugzilla.redhat.com/): 1911314 - CVE-2020-35678 python-autobahn: allows redirect header injection 1919969 - CVE-2021-3281 django: Potential directory-traversal via archive.extract() 1928847 - CVE-2021-20253 ansible-tower: Privilege escalation via job isolation escape 5. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: perl security update Advisory ID: RHSA-2021:1266-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:1266 Issue date: 2021-04-20 CVE Names: CVE-2020-10543 CVE-2020-10878 CVE-2020-12723 ===================================================================== 1. Summary: An update for perl is now available for Red Hat Enterprise Linux 7.4 Advanced Update Support, Red Hat Enterprise Linux 7.4 Telco Extended Update Support, and Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Server AUS (v. 7.4) - noarch, x86_64 Red Hat Enterprise Linux Server E4S (v. 7.4) - noarch, ppc64le, x86_64 Red Hat Enterprise Linux Server Optional AUS (v. 7.4) - x86_64 Red Hat Enterprise Linux Server Optional E4S (v. 7.4) - ppc64le, x86_64 Red Hat Enterprise Linux Server Optional TUS (v. 7.4) - x86_64 Red Hat Enterprise Linux Server TUS (v. 7.4) - noarch, x86_64 3. Description: Perl is a high-level programming language that is commonly used for system administration utilities and web programming. Security Fix(es): * perl: heap-based buffer overflow in regular expression compiler leads to DoS (CVE-2020-10543) * perl: corruption of intermediate language state of compiled regular expression due to integer overflow leads to DoS (CVE-2020-10878) * perl: corruption of intermediate language state of compiled regular expression due to recursive S_study_chunk() calls leads to DoS (CVE-2020-12723) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Package List: Red Hat Enterprise Linux Server AUS (v. 7.4): Source: perl-5.16.3-292.el7_4.2.src.rpm noarch: perl-CPAN-1.9800-292.el7_4.2.noarch.rpm perl-ExtUtils-CBuilder-0.28.2.6-292.el7_4.2.noarch.rpm perl-ExtUtils-Embed-1.30-292.el7_4.2.noarch.rpm perl-ExtUtils-Install-1.58-292.el7_4.2.noarch.rpm perl-IO-Zlib-1.10-292.el7_4.2.noarch.rpm perl-Locale-Maketext-Simple-0.21-292.el7_4.2.noarch.rpm perl-Module-CoreList-2.76.02-292.el7_4.2.noarch.rpm perl-Module-Loaded-0.08-292.el7_4.2.noarch.rpm perl-Object-Accessor-0.42-292.el7_4.2.noarch.rpm perl-Package-Constants-0.02-292.el7_4.2.noarch.rpm perl-Pod-Escapes-1.04-292.el7_4.2.noarch.rpm x86_64: perl-5.16.3-292.el7_4.2.x86_64.rpm perl-Time-Piece-1.20.1-292.el7_4.2.x86_64.rpm perl-core-5.16.3-292.el7_4.2.x86_64.rpm perl-debuginfo-5.16.3-292.el7_4.2.i686.rpm perl-debuginfo-5.16.3-292.el7_4.2.x86_64.rpm perl-devel-5.16.3-292.el7_4.2.i686.rpm perl-devel-5.16.3-292.el7_4.2.x86_64.rpm perl-libs-5.16.3-292.el7_4.2.i686.rpm perl-libs-5.16.3-292.el7_4.2.x86_64.rpm perl-macros-5.16.3-292.el7_4.2.x86_64.rpm Red Hat Enterprise Linux Server E4S (v. 7.4): Source: perl-5.16.3-292.el7_4.2.src.rpm noarch: perl-CPAN-1.9800-292.el7_4.2.noarch.rpm perl-ExtUtils-CBuilder-0.28.2.6-292.el7_4.2.noarch.rpm perl-ExtUtils-Embed-1.30-292.el7_4.2.noarch.rpm perl-ExtUtils-Install-1.58-292.el7_4.2.noarch.rpm perl-IO-Zlib-1.10-292.el7_4.2.noarch.rpm perl-Locale-Maketext-Simple-0.21-292.el7_4.2.noarch.rpm perl-Module-CoreList-2.76.02-292.el7_4.2.noarch.rpm perl-Module-Loaded-0.08-292.el7_4.2.noarch.rpm perl-Object-Accessor-0.42-292.el7_4.2.noarch.rpm perl-Package-Constants-0.02-292.el7_4.2.noarch.rpm perl-Pod-Escapes-1.04-292.el7_4.2.noarch.rpm ppc64le: perl-5.16.3-292.el7_4.2.ppc64le.rpm perl-Time-Piece-1.20.1-292.el7_4.2.ppc64le.rpm perl-core-5.16.3-292.el7_4.2.ppc64le.rpm perl-debuginfo-5.16.3-292.el7_4.2.ppc64le.rpm perl-devel-5.16.3-292.el7_4.2.ppc64le.rpm perl-libs-5.16.3-292.el7_4.2.ppc64le.rpm perl-macros-5.16.3-292.el7_4.2.ppc64le.rpm x86_64: perl-5.16.3-292.el7_4.2.x86_64.rpm perl-Time-Piece-1.20.1-292.el7_4.2.x86_64.rpm perl-core-5.16.3-292.el7_4.2.x86_64.rpm perl-debuginfo-5.16.3-292.el7_4.2.i686.rpm perl-debuginfo-5.16.3-292.el7_4.2.x86_64.rpm perl-devel-5.16.3-292.el7_4.2.i686.rpm perl-devel-5.16.3-292.el7_4.2.x86_64.rpm perl-libs-5.16.3-292.el7_4.2.i686.rpm perl-libs-5.16.3-292.el7_4.2.x86_64.rpm perl-macros-5.16.3-292.el7_4.2.x86_64.rpm Red Hat Enterprise Linux Server TUS (v. 7.4): Source: perl-5.16.3-292.el7_4.2.src.rpm noarch: perl-CPAN-1.9800-292.el7_4.2.noarch.rpm perl-ExtUtils-CBuilder-0.28.2.6-292.el7_4.2.noarch.rpm perl-ExtUtils-Embed-1.30-292.el7_4.2.noarch.rpm perl-ExtUtils-Install-1.58-292.el7_4.2.noarch.rpm perl-IO-Zlib-1.10-292.el7_4.2.noarch.rpm perl-Locale-Maketext-Simple-0.21-292.el7_4.2.noarch.rpm perl-Module-CoreList-2.76.02-292.el7_4.2.noarch.rpm perl-Module-Loaded-0.08-292.el7_4.2.noarch.rpm perl-Object-Accessor-0.42-292.el7_4.2.noarch.rpm perl-Package-Constants-0.02-292.el7_4.2.noarch.rpm perl-Pod-Escapes-1.04-292.el7_4.2.noarch.rpm x86_64: perl-5.16.3-292.el7_4.2.x86_64.rpm perl-Time-Piece-1.20.1-292.el7_4.2.x86_64.rpm perl-core-5.16.3-292.el7_4.2.x86_64.rpm perl-debuginfo-5.16.3-292.el7_4.2.i686.rpm perl-debuginfo-5.16.3-292.el7_4.2.x86_64.rpm perl-devel-5.16.3-292.el7_4.2.i686.rpm perl-devel-5.16.3-292.el7_4.2.x86_64.rpm perl-libs-5.16.3-292.el7_4.2.i686.rpm perl-libs-5.16.3-292.el7_4.2.x86_64.rpm perl-macros-5.16.3-292.el7_4.2.x86_64.rpm Red Hat Enterprise Linux Server Optional AUS (v. 7.4): x86_64: perl-debuginfo-5.16.3-292.el7_4.2.x86_64.rpm perl-tests-5.16.3-292.el7_4.2.x86_64.rpm Red Hat Enterprise Linux Server Optional E4S (v. 7.4): ppc64le: perl-debuginfo-5.16.3-292.el7_4.2.ppc64le.rpm perl-tests-5.16.3-292.el7_4.2.ppc64le.rpm x86_64: perl-debuginfo-5.16.3-292.el7_4.2.x86_64.rpm perl-tests-5.16.3-292.el7_4.2.x86_64.rpm Red Hat Enterprise Linux Server Optional TUS (v. 7.4): x86_64: perl-debuginfo-5.16.3-292.el7_4.2.x86_64.rpm perl-tests-5.16.3-292.el7_4.2.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2020-10543 https://access.redhat.com/security/cve/CVE-2020-10878 https://access.redhat.com/security/cve/CVE-2020-12723 https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2021 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYH7PTtzjgjWX9erEAQg5Rg//XzoyzGoFRn5v3JT/1ZxNTBxZ+2SbVWnf MVMm5qt1Lkk8s/0DQnvJPKQaHc5yISwGIZChNZe4FxaxSfsn7nvH88d38Xpwht8q QsmKGPEyYmb9qvMbCpjFV6+T1ggaMvfikeFTCe49Kx3H/dDMKPXYvZqL9VtjbKKc Bf0G2fJkhCaEFeFksHZShu2tofoVaHeN/RkwoQrK2HWqb8emlEY5aTtdx3znzSwV Vg3l3sGJ4eDKLz8sWvUJtkkljM/uTM0klbbseyl6duBdFzzSegnn6dMcWLsntADr PgmyL5WMI7lLfJoBwK0m7D45HfCaVMVMp9dQdr5RE+IO+DXUQf9plEhKCIuPBiii aMugog1BamqQUHSYBwyhUOGjyT51SJHg+uVbvYzrQRM8v9YFDgYyliCiqJQmlik7 kq6Jmytn3AkrGQWCJy5TALvNnM59TDTM9IiBNHZ2iA3g59U2a6KZvYFgyT6JZ7rJ FEdgxtMdCLGXIS/aAeq9kiU+Jg4a3RN8gPhGiE39WACtvQ8QWs3GrYDVxlSF6eXg rzXOA6UYyTICfhT4JKb54bkH1MzR7hRaMX0UqnAF4gsPgduEmMdwSpB+5e1q/XIr tRH/FrGPdB/aTo19Pk6u3SQxgpYXQf+SpFiSpxvwsVaSNKGgm3eh3soNuXCCKfpf qTMMs3KSLLM= =1/yn -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce

Trust: 2.43

sources: NVD: CVE-2020-10543 // JVNDB: JVNDB-2020-006177 // VULHUB: VHN-163032 // VULMON: CVE-2020-10543 // PACKETSTORM: 162021 // PACKETSTORM: 161656 // PACKETSTORM: 163586 // PACKETSTORM: 161726 // PACKETSTORM: 161727 // PACKETSTORM: 161728 // PACKETSTORM: 162245

AFFECTED PRODUCTS

vendor:	oracle	model:	sd-wan edge	scope:	eq	version:	9.1	Trust: 1.0
vendor:	oracle	model:	communications lsms	scope:	gte	version:	13.1	Trust: 1.0
vendor:	oracle	model:	communications offline mediation controller	scope:	eq	version:	12.0.0.3.0	Trust: 1.0
vendor:	oracle	model:	communications pricing design center	scope:	eq	version:	12.0.0.3.0	Trust: 1.0
vendor:	oracle	model:	communications performance intelligence center	scope:	gte	version:	10.4.0.1.0	Trust: 1.0
vendor:	oracle	model:	communications eagle application processor	scope:	lte	version:	16.4.0	Trust: 1.0
vendor:	fedoraproject	model:	fedora	scope:	eq	version:	31	Trust: 1.0
vendor:	oracle	model:	enterprise manager base platform	scope:	eq	version:	13.4.0.0	Trust: 1.0
vendor:	oracle	model:	communications eagle lnp application processor	scope:	eq	version:	10.1	Trust: 1.0
vendor:	oracle	model:	communications performance intelligence center	scope:	lte	version:	10.4.0.3.1	Trust: 1.0
vendor:	oracle	model:	tekelec platform distribution	scope:	gte	version:	7.4.0	Trust: 1.0
vendor:	oracle	model:	communications billing and revenue management	scope:	eq	version:	12.0.0.3.0	Trust: 1.0
vendor:	perl	model:	perl	scope:	lt	version:	5.30.3	Trust: 1.0
vendor:	oracle	model:	communications eagle lnp application processor	scope:	eq	version:	46.7	Trust: 1.0
vendor:	oracle	model:	communications eagle lnp application processor	scope:	eq	version:	46.9	Trust: 1.0
vendor:	oracle	model:	communications performance intelligence center	scope:	gte	version:	10.3.0.0.0	Trust: 1.0
vendor:	oracle	model:	communications diameter signaling router	scope:	lte	version:	8.5.0	Trust: 1.0
vendor:	oracle	model:	communications performance intelligence center	scope:	lte	version:	10.3.0.2.1	Trust: 1.0
vendor:	oracle	model:	tekelec platform distribution	scope:	lte	version:	7.7.1	Trust: 1.0
vendor:	oracle	model:	sd-wan edge	scope:	eq	version:	8.2	Trust: 1.0
vendor:	oracle	model:	configuration manager	scope:	eq	version:	12.1.2.0.8	Trust: 1.0
vendor:	oracle	model:	communications eagle lnp application processor	scope:	eq	version:	46.8	Trust: 1.0
vendor:	oracle	model:	communications lsms	scope:	lte	version:	13.4	Trust: 1.0
vendor:	oracle	model:	communications eagle lnp application processor	scope:	eq	version:	10.2	Trust: 1.0
vendor:	oracle	model:	communications diameter signaling router	scope:	gte	version:	8.0.0	Trust: 1.0
vendor:	oracle	model:	sd-wan edge	scope:	eq	version:	9.0	Trust: 1.0
vendor:	opensuse	model:	leap	scope:	eq	version:	15.1	Trust: 1.0
vendor:	oracle	model:	communications billing and revenue management	scope:	eq	version:	12.0.0.2.0	Trust: 1.0
vendor:	oracle	model:	communications eagle application processor	scope:	gte	version:	16.1.0	Trust: 1.0
vendor:	fedora	model:	fedora	scope:	-	version:	-	Trust: 0.8
vendor:	the perl	model:	perl	scope:	eq	version:	5.30.3	Trust: 0.8

sources: JVNDB: JVNDB-2020-006177 // NVD: CVE-2020-10543

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2020-10543
value:	HIGH
Trust: 1.0
NVD:	JVNDB-2020-006177
value:	HIGH
Trust: 0.8
VULHUB:	VHN-163032
value:	MEDIUM
Trust: 0.1
VULMON:	CVE-2020-10543
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2020-10543
severity:	MEDIUM
baseScore:	6.4
vectorString:	AV:N/AC:L/AU:N/C:N/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	4.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.1
NVD:	JVNDB-2020-006177
severity:	MEDIUM
baseScore:	6.4
vectorString:	AV:N/AC:L/AU:N/C:N/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8
VULHUB:	VHN-163032
severity:	MEDIUM
baseScore:	6.4
vectorString:	AV:N/AC:L/AU:N/C:N/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	4.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2020-10543
baseSeverity:	HIGH
baseScore:	8.2
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	LOW
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	4.2
version:	3.1
Trust: 1.0
NVD:	JVNDB-2020-006177
baseSeverity:	HIGH
baseScore:	8.2
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	LOW
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-163032 // VULMON: CVE-2020-10543 // JVNDB: JVNDB-2020-006177 // NVD: CVE-2020-10543

PROBLEMTYPE DATA

problemtype:	CWE-787	Trust: 1.9
problemtype:	CWE-190	Trust: 1.1

sources: VULHUB: VHN-163032 // JVNDB: JVNDB-2020-006177 // NVD: CVE-2020-10543

TYPE

overflow

Trust: 0.3

sources: PACKETSTORM: 162021 // PACKETSTORM: 163586 // PACKETSTORM: 162245

CONFIGURATIONS

sources: JVNDB: JVNDB-2020-006177

PATCH

title:	FEDORA-2020-fd73c08076	url:	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IN3TTBO5KSGWE5IRIKDJ5JSQRH7ANNXE/	Trust: 0.8
title:	regcomp.c: Prevent integer overflow from nested regex quantifiers.	url:	https://github.com/perl/perl5/commit/897d1f7fd515b828e4b198d8b8bef76c6faf03ed	Trust: 0.8
title:	perl5/pod/perl5303delta.pod	url:	https://github.com/Perl/perl5/blob/blead/pod/perl5303delta.pod	Trust: 0.8
title:	Comparing changes	url:	https://github.com/Perl/perl5/compare/v5.30.2...v5.30.3	Trust: 0.8
title:	Red Hat: Moderate: perl security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20210343 - Security Advisory	Trust: 0.1
title:	Debian CVElist Bug Report Logs: perl: regexp security issues: CVE-2020-10543, CVE-2020-10878, CVE-2020-12723	url:	https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=babe2a0596ddd17a5ad75cd3c30c45ff	Trust: 0.1
title:	Amazon Linux 2: ALAS2-2021-1610	url:	https://vulmon.com/vendoradvisory?qidtp=amazon_linux2&qid=ALAS2-2021-1610	Trust: 0.1
title:	Red Hat: Moderate: Red Hat Advanced Cluster Management 2.1.3 security and bug fix update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20210607 - Security Advisory	Trust: 0.1
title:	IBM: Security Bulletin: Cloud Pak for Security contains security vulnerabilities	url:	https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=08f19f0be4d5dcf7486e5abcdb671477	Trust: 0.1
title:	Siemens Security Advisories: Siemens Security Advisory	url:	https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=ec6577109e640dac19a6ddb978afe82d	Trust: 0.1
title:	visualGambasDelta	url:	https://github.com/D5n9sMatrix/visualGambasDelta	Trust: 0.1
title:	perl5283delta	url:	https://github.com/D5n9sMatrix/perl5283delta	Trust: 0.1
title:	editorGambasDelta	url:	https://github.com/D5n9sMatrix/editorGambasDelta	Trust: 0.1
title:	EditorGambasDelta	url:	https://github.com/D5n9sMatrix/EditorGambasDelta	Trust: 0.1
title:	CICD_CloudBuild_01	url:	https://github.com/pbavinck/CICD_CloudBuild_01	Trust: 0.1
title:	gcr-kritis-signer	url:	https://github.com/binxio/gcr-kritis-signer	Trust: 0.1
title:	gcp-kritis-signer	url:	https://github.com/binxio/gcp-kritis-signer	Trust: 0.1
title:	litecoin-automation	url:	https://github.com/gzukel/litecoin-automation	Trust: 0.1
title:	-	url:	https://github.com/D5n9sMatrix/perltoc	Trust: 0.1
title:	-	url:	https://github.com/imhunterand/hackerone-publicy-disclosed	Trust: 0.1
title:	snykout	url:	https://github.com/garethr/snykout	Trust: 0.1
title:	myapp-container-jaxrs	url:	https://github.com/akiraabe/myapp-container-jaxrs	Trust: 0.1

sources: VULMON: CVE-2020-10543 // JVNDB: JVNDB-2020-006177

EXTERNAL IDS

db:	NVD	id:	CVE-2020-10543	Trust: 2.7
db:	JVNDB	id:	JVNDB-2020-006177	Trust: 0.8
db:	PACKETSTORM	id:	162021	Trust: 0.2
db:	PACKETSTORM	id:	161728	Trust: 0.2
db:	PACKETSTORM	id:	161727	Trust: 0.2
db:	PACKETSTORM	id:	161726	Trust: 0.2
db:	PACKETSTORM	id:	161656	Trust: 0.2
db:	PACKETSTORM	id:	162245	Trust: 0.2
db:	PACKETSTORM	id:	159726	Trust: 0.1
db:	PACKETSTORM	id:	162650	Trust: 0.1
db:	PACKETSTORM	id:	162877	Trust: 0.1
db:	PACKETSTORM	id:	158058	Trust: 0.1
db:	PACKETSTORM	id:	159707	Trust: 0.1
db:	PACKETSTORM	id:	161255	Trust: 0.1
db:	PACKETSTORM	id:	162837	Trust: 0.1
db:	PACKETSTORM	id:	163188	Trust: 0.1
db:	PACKETSTORM	id:	161843	Trust: 0.1
db:	CNVD	id:	CNVD-2020-37944	Trust: 0.1
db:	CNNVD	id:	CNNVD-202006-145	Trust: 0.1
db:	VULHUB	id:	VHN-163032	Trust: 0.1
db:	VULMON	id:	CVE-2020-10543	Trust: 0.1
db:	PACKETSTORM	id:	163586	Trust: 0.1

sources: VULHUB: VHN-163032 // VULMON: CVE-2020-10543 // PACKETSTORM: 162021 // PACKETSTORM: 161656 // PACKETSTORM: 163586 // PACKETSTORM: 161726 // PACKETSTORM: 161727 // PACKETSTORM: 161728 // PACKETSTORM: 162245 // JVNDB: JVNDB-2020-006177 // NVD: CVE-2020-10543

REFERENCES

url:	https://nvd.nist.gov/vuln/detail/cve-2020-10543	Trust: 1.5
url:	https://github.com/perl/perl5/blob/blead/pod/perl5303delta.pod	Trust: 1.1
url:	https://github.com/perl/perl5/compare/v5.30.2...v5.30.3	Trust: 1.1
url:	https://github.com/perl/perl5/commit/897d1f7fd515b828e4b198d8b8bef76c6faf03ed	Trust: 1.1
url:	https://security.netapp.com/advisory/ntap-20200611-0001/	Trust: 1.1
url:	https://security.gentoo.org/glsa/202006-03	Trust: 1.1
url:	https://www.oracle.com//security-alerts/cpujul2021.html	Trust: 1.1
url:	https://www.oracle.com/security-alerts/cpuapr2021.html	Trust: 1.1
url:	https://www.oracle.com/security-alerts/cpuapr2022.html	Trust: 1.1
url:	https://www.oracle.com/security-alerts/cpujan2021.html	Trust: 1.1
url:	https://www.oracle.com/security-alerts/cpujan2022.html	Trust: 1.1
url:	https://www.oracle.com/security-alerts/cpuoct2020.html	Trust: 1.1
url:	https://www.oracle.com/security-alerts/cpuoct2021.html	Trust: 1.1
url:	http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00044.html	Trust: 1.1
url:	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/in3ttbo5ksgwe5irikdj5jsqrh7annxe/	Trust: 1.0
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-10543	Trust: 0.8
url:	https://access.redhat.com/security/cve/cve-2020-10878	Trust: 0.7
url:	https://nvd.nist.gov/vuln/detail/cve-2020-10878	Trust: 0.7
url:	https://listman.redhat.com/mailman/listinfo/rhsa-announce	Trust: 0.7
url:	https://bugzilla.redhat.com/):	Trust: 0.7
url:	https://access.redhat.com/security/cve/cve-2020-10543	Trust: 0.7
url:	https://access.redhat.com/security/team/contact/	Trust: 0.7
url:	https://nvd.nist.gov/vuln/detail/cve-2020-12723	Trust: 0.6
url:	https://access.redhat.com/security/cve/cve-2020-12723	Trust: 0.6
url:	https://access.redhat.com/security/updates/classification/#moderate	Trust: 0.4
url:	https://access.redhat.com/security/team/key/	Trust: 0.3
url:	https://access.redhat.com/articles/11258	Trust: 0.3
url:	https://access.redhat.com/security/updates/classification/#important	Trust: 0.3
url:	https://access.redhat.com/security/cve/cve-2021-20228	Trust: 0.3
url:	https://access.redhat.com/security/cve/cve-2021-20253	Trust: 0.3
url:	https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/	Trust: 0.3
url:	https://access.redhat.com/security/cve/cve-2021-20191	Trust: 0.3
url:	https://access.redhat.com/security/cve/cve-2021-20180	Trust: 0.3
url:	https://access.redhat.com/security/cve/cve-2020-35678	Trust: 0.3
url:	https://access.redhat.com/security/cve/cve-2021-20178	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2020-35678	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2019-20372	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-20178	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-20191	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-20253	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-20228	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2019-20372	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-20180	Trust: 0.2
url:	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/in3ttbo5ksgwe5irikdj5jsqrh7annxe/	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2021:1032	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-20230	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-29661	Trust: 0.1
url:	https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_mana	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3121	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-15436	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-14351	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-25705	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2021:0719	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-29661	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-3121	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-35513	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-14351	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-20230	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-25705	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-15436	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-35513	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2021:2792	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2021:0779	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-17006	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-20907	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-11023	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-12749	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-12401	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-12402	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-1971	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-14866	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-7595	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-20843	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-17006	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-11719	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-20388	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-12401	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-17023	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-11023	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-17023	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-12749	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-6829	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2021:0778	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-14866	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-8177	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-12403	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-11022	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-12400	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-20388	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-19956	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-11756	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-11756	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-12243	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-12400	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-11727	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-12243	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-1971	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-11719	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-11727	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2016-5766	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-12403	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-15903	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-5766	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-15903	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-19956	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-11022	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-17498	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-17498	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-20907	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2018-20843	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-12402	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3281	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-3281	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2021:0780	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2021:1266	Trust: 0.1

sources: VULHUB: VHN-163032 // PACKETSTORM: 162021 // PACKETSTORM: 161656 // PACKETSTORM: 163586 // PACKETSTORM: 161726 // PACKETSTORM: 161727 // PACKETSTORM: 161728 // PACKETSTORM: 162245 // JVNDB: JVNDB-2020-006177 // NVD: CVE-2020-10543

CREDITS

Red Hat

Trust: 0.7

sources: PACKETSTORM: 162021 // PACKETSTORM: 161656 // PACKETSTORM: 163586 // PACKETSTORM: 161726 // PACKETSTORM: 161727 // PACKETSTORM: 161728 // PACKETSTORM: 162245

SOURCES

db:	VULHUB	id:	VHN-163032
db:	VULMON	id:	CVE-2020-10543
db:	PACKETSTORM	id:	162021
db:	PACKETSTORM	id:	161656
db:	PACKETSTORM	id:	163586
db:	PACKETSTORM	id:	161726
db:	PACKETSTORM	id:	161727
db:	PACKETSTORM	id:	161728
db:	PACKETSTORM	id:	162245
db:	JVNDB	id:	JVNDB-2020-006177
db:	NVD	id:	CVE-2020-10543

LAST UPDATE DATE

2026-04-18T21:28:12.197000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-163032	date:	2022-05-12T00:00:00
db:	VULMON	id:	CVE-2020-10543	date:	2023-11-07T00:00:00
db:	JVNDB	id:	JVNDB-2020-006177	date:	2020-07-02T00:00:00
db:	NVD	id:	CVE-2020-10543	date:	2024-11-21T04:55:32.927

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-163032	date:	2020-06-05T00:00:00
db:	VULMON	id:	CVE-2020-10543	date:	2020-06-05T00:00:00
db:	PACKETSTORM	id:	162021	date:	2021-03-30T14:26:55
db:	PACKETSTORM	id:	161656	date:	2021-03-04T15:33:19
db:	PACKETSTORM	id:	163586	date:	2021-07-21T16:03:08
db:	PACKETSTORM	id:	161726	date:	2021-03-09T16:23:27
db:	PACKETSTORM	id:	161727	date:	2021-03-09T16:25:11
db:	PACKETSTORM	id:	161728	date:	2021-03-09T16:26:05
db:	PACKETSTORM	id:	162245	date:	2021-04-20T16:17:10
db:	JVNDB	id:	JVNDB-2020-006177	date:	2020-07-02T00:00:00
db:	NVD	id:	CVE-2020-10543	date:	2020-06-05T14:15:10.467