HIGH✓ PATCH🇵🇱 Wersja polska

CVE-2020-10543

CVSS 8.2v3.1pub. 2020-06-05upd. 2024-11-21

Perl before 5.30.3 on 32-bit platforms allows a heap-based buffer overflow because nested regular expression quantifiers have an integer overflow.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
  • Fedora Project Fedora

    OS
    Fedoraproject
    31
  • Opensuse Leap

    OS
    Opensuse
    15.1
  • Oracle Communications Billing And Revenue Management

    APP
    Oracle
    12.0.0.2.012.0.0.3.0
  • Oracle Communications Diameter Signaling Router

    APP
    Oracle
    8.0.0 – 8.5.0
  • Oracle Communications Eagle Application Processor

    APP
    Oracle
    16.1.0 – 16.4.0
  • Oracle Communications Eagle Lnp Application Processor

    APP
    Oracle
    10.110.246.746.846.9
  • Oracle Communications Lsms

    APP
    Oracle
    13.1 – 13.4
  • Oracle Communications Offline Mediation Controller

    APP
    Oracle
    12.0.0.3.0
  • Oracle Communications Performance Intelligence Center

    APP
    Oracle
    10.3.0.0.0 – 10.3.0.2.110.4.0.1.0 – 10.4.0.3.1
  • Oracle Communications Pricing Design Center

    APP
    Oracle
    12.0.0.3.0
  • Oracle Configuration Manager

    APP
    Oracle
    12.1.2.0.8
  • Oracle Enterprise Manager Base Platform

    APP
    Oracle
    13.4.0.0
  • Oracle Sd Wan Edge

    APP
    Oracle
    8.29.09.1
  • Oracle Tekelec Platform Distribution

    APP
    Oracle
    7.4.0 – 7.7.1
  • Perl

    APP
    Perl
    < 5.30.3
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
Tags
Memory
CWE
References

Related vulnerabilities

CVE-2025-32463CRITICAL9.3⚠ KEVPL ✓ten sam produkt

Sudo: eskalacja uprawnień do root poprzez opcję --chroot (CVE-2025-32463)

CVE-2024-4577CRITICAL9.8⚠ KEVPL ✓ten sam produkt

PHP CGI argument injection – RCE na Windows przez mechanizm Best-Fit

CVE-2024-5274CRITICAL9.6⚠ KEVPL ✓ten sam produkt

Type Confusion w V8 (Google Chrome) — RCE przez spreparowaną stronę HTML

CVE-2024-4947CRITICAL9.6⚠ KEVPL ✓ten sam produkt

Type Confusion w silniku V8 Chrome — zdalne wykonanie kodu (RCE)

CVE-2024-4671CRITICAL9.6⚠ KEVPL ✓ten sam produkt

Use-after-free w Google Chrome Visuals umożliwiający ucieczkę z sandbox