rpm package
opensuse/perl-DBI&distro=openSUSE Leap 15.1
pkg:rpm/opensuse/perl-DBI&distro=openSUSE%20Leap%2015.1
Vulnerabilities (5)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-20919 | — | < 1.639-lp151.3.13.1 | 1.639-lp151.3.13.1 | Sep 17, 2020 | An issue was discovered in the DBI module before 1.643 for Perl. The hv_fetch() documentation requires checking for NULL and the code does that. But, shortly thereafter, it calls SvOK(profile), causing a NULL pointer dereference. | ||
| CVE-2014-10402 | — | < 1.639-lp151.3.16.1 | 1.639-lp151.3.16.1 | Sep 16, 2020 | An issue was discovered in the DBI module through 1.643 for Perl. DBD::File drivers can open files from folders other than those specifically passed via the f_dir attribute in the data source name (DSN). NOTE: this issue exists because of an incomplete fix for CVE-2014-10401. | ||
| CVE-2020-14393 | — | < 1.639-lp151.3.7.1 | 1.639-lp151.3.7.1 | Sep 16, 2020 | A buffer overflow was found in perl-DBI < 1.643 in DBI.xs. A local attacker who is able to supply a string longer than 300 characters could cause an out-of-bounds write, affecting the availability of the service or integrity of data. | ||
| CVE-2020-14392 | — | < 1.639-lp151.3.7.1 | 1.639-lp151.3.7.1 | Sep 16, 2020 | An untrusted pointer dereference flaw was found in Perl-DBI < 1.643. A local attacker who is able to manipulate calls to dbd_db_login6_sv() could cause memory corruption, affecting the service's availability. | ||
| CVE-2014-10401 | — | < 1.639-lp151.3.16.1 | 1.639-lp151.3.16.1 | Sep 11, 2020 | An issue was discovered in the DBI module before 1.632 for Perl. DBD::File drivers can open files from folders other than those specifically passed via the f_dir attribute. |
- CVE-2019-20919Sep 17, 2020affected < 1.639-lp151.3.13.1fixed 1.639-lp151.3.13.1
An issue was discovered in the DBI module before 1.643 for Perl. The hv_fetch() documentation requires checking for NULL and the code does that. But, shortly thereafter, it calls SvOK(profile), causing a NULL pointer dereference.
- CVE-2014-10402Sep 16, 2020affected < 1.639-lp151.3.16.1fixed 1.639-lp151.3.16.1
An issue was discovered in the DBI module through 1.643 for Perl. DBD::File drivers can open files from folders other than those specifically passed via the f_dir attribute in the data source name (DSN). NOTE: this issue exists because of an incomplete fix for CVE-2014-10401.
- CVE-2020-14393Sep 16, 2020affected < 1.639-lp151.3.7.1fixed 1.639-lp151.3.7.1
A buffer overflow was found in perl-DBI < 1.643 in DBI.xs. A local attacker who is able to supply a string longer than 300 characters could cause an out-of-bounds write, affecting the availability of the service or integrity of data.
- CVE-2020-14392Sep 16, 2020affected < 1.639-lp151.3.7.1fixed 1.639-lp151.3.7.1
An untrusted pointer dereference flaw was found in Perl-DBI < 1.643. A local attacker who is able to manipulate calls to dbd_db_login6_sv() could cause memory corruption, affecting the service's availability.
- CVE-2014-10401Sep 11, 2020affected < 1.639-lp151.3.16.1fixed 1.639-lp151.3.16.1
An issue was discovered in the DBI module before 1.632 for Perl. DBD::File drivers can open files from folders other than those specifically passed via the f_dir attribute.