rpm package
suse/perl-DBI&distro=SUSE Linux Enterprise Server 12 SP2-LTSS
pkg:rpm/suse/perl-DBI&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-LTSS
Vulnerabilities (4)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-20919 | — | < 1.628-5.6.1 | 1.628-5.6.1 | Sep 17, 2020 | An issue was discovered in the DBI module before 1.643 for Perl. The hv_fetch() documentation requires checking for NULL and the code does that. But, shortly thereafter, it calls SvOK(profile), causing a NULL pointer dereference. | ||
| CVE-2020-14393 | — | < 1.628-5.3.1 | 1.628-5.3.1 | Sep 16, 2020 | A buffer overflow was found in perl-DBI < 1.643 in DBI.xs. A local attacker who is able to supply a string longer than 300 characters could cause an out-of-bounds write, affecting the availability of the service or integrity of data. | ||
| CVE-2020-14392 | — | < 1.628-5.3.1 | 1.628-5.3.1 | Sep 16, 2020 | An untrusted pointer dereference flaw was found in Perl-DBI < 1.643. A local attacker who is able to manipulate calls to dbd_db_login6_sv() could cause memory corruption, affecting the service's availability. | ||
| CVE-2013-7490 | — | < 1.628-5.6.1 | 1.628-5.6.1 | Sep 11, 2020 | An issue was discovered in the DBI module before 1.632 for Perl. Using many arguments to methods for Callbacks may lead to memory corruption. |
- CVE-2019-20919Sep 17, 2020affected < 1.628-5.6.1fixed 1.628-5.6.1
An issue was discovered in the DBI module before 1.643 for Perl. The hv_fetch() documentation requires checking for NULL and the code does that. But, shortly thereafter, it calls SvOK(profile), causing a NULL pointer dereference.
- CVE-2020-14393Sep 16, 2020affected < 1.628-5.3.1fixed 1.628-5.3.1
A buffer overflow was found in perl-DBI < 1.643 in DBI.xs. A local attacker who is able to supply a string longer than 300 characters could cause an out-of-bounds write, affecting the availability of the service or integrity of data.
- CVE-2020-14392Sep 16, 2020affected < 1.628-5.3.1fixed 1.628-5.3.1
An untrusted pointer dereference flaw was found in Perl-DBI < 1.643. A local attacker who is able to manipulate calls to dbd_db_login6_sv() could cause memory corruption, affecting the service's availability.
- CVE-2013-7490Sep 11, 2020affected < 1.628-5.6.1fixed 1.628-5.6.1
An issue was discovered in the DBI module before 1.632 for Perl. Using many arguments to methods for Callbacks may lead to memory corruption.