CVE-2020-10878: perl: perl before 5.30.3 has an integer overflow
CVSSv2: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Description:
Perl before 5.30.3 has an integer overflow related to mishandling of a "PL_regkind[OP(n)] == NOTHING" situation. A crafted regular expression could lead to malformed bytecode with a possibility of instruction injection.
CVE-2020-10878: perl: perl before 5.30.3 has an integer overflow
CVSSv2: 7.5 (AV:N/AC: L/Au:N/ C:P/I:P/ A:P)
Description:
Perl before 5.30.3 has an integer overflow related to mishandling of a "PL_regkind[OP(n)] == NOTHING" situation. A crafted regular expression could lead to malformed bytecode with a possibility of instruction injection.
References: /nvd.nist. gov/vuln/ detail/ CVE-2020- 10878 /access. redhat. com/security/ cve/CVE- 2020-10878 /access. redhat. com/errata/ RHSA-2021: 0343
https:/
https:/
https:/
Required package version: 16.3-299. el7_9.src. rpm
perl-5.
Packages:
perl
Found during March 2021 StarlingX CVE Scan