Описание
Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.
Отчет
This vulnerability is present in versions of perl included with Red Hat Virtualization Hypervisor and Management Appliance, however it is not exposed in any meaningful way. Perl is only included in these images as a dependency of components which do not manipulate ENV, and are not exposed to user input. A future update may address this issue.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | perl | Will not fix | ||
| Red Hat Enterprise Linux 6 | perl | Will not fix | ||
| Red Hat Enterprise Linux 8 | perl | Not affected | ||
| Red Hat Enterprise Linux 8 | perl:5.24/perl | Not affected | ||
| Red Hat OpenShift Enterprise 3 | perl | Not affected | ||
| Red Hat Virtualization 4 | redhat-virtualization-host | Will not fix | ||
| Red Hat Virtualization 4 | rhvm-appliance | Will not fix | ||
| Red Hat Enterprise Linux 7 | perl | Fixed | RHSA-2019:0109 | 21.01.2019 |
| Red Hat Enterprise Linux 7.3 Advanced Update Support | perl | Fixed | RHSA-2019:2400 | 07.08.2019 |
| Red Hat Enterprise Linux 7.3 Telco Extended Update Support | perl | Fixed | RHSA-2019:2400 | 07.08.2019 |
Показывать по
Дополнительная информация
Статус:
EPSS
8.1 High
CVSS3
Связанные уязвимости
Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.
Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.
Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via ...
Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.
EPSS
8.1 High
CVSS3