CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2020-14392
https://notcve.org/view.php?id=CVE-2020-14392
An untrusted pointer dereference flaw was found in Perl-DBI < 1.643. A local attacker who is able to manipulate calls to dbd_db_login6_sv() could cause memory corruption, affecting the service's availability. Se encontró un fallo de desreferencia del puntero no confiable en Perl-DBI versiones anteriores a 1.643. Un atacante local que es capaz de manipular llamadas a la función dbd_db_login6_sv() podría causar una corrupción de la memoria, afectando la disponibilidad del servicio • http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00067.html http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00074.html https://bugzilla.redhat.com/show_bug.cgi?id=1877402 https://lists.debian.org/debian-lts-announce/2020/09/msg00026.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JXLKODJ7B57GITDEZZXNSHPK4VBYXYHR https://metacpan.org/pod/distribution/DBI/Changes#Changes-in-DBI-1.643 https://usn.ubuntu.com/4503-1 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-822: Untrusted Pointer Dereference •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2020-14393
https://notcve.org/view.php?id=CVE-2020-14393
A buffer overflow was found in perl-DBI < 1.643 in DBI.xs. A local attacker who is able to supply a string longer than 300 characters could cause an out-of-bounds write, affecting the availability of the service or integrity of data. Se encontró un desbordamiento de búfer en perl-DBI versiones anteriores a 1.643 en el archivo DBI.xs. Un atacante local que es capaz de suministrar una cadena de más de 300 caracteres que podría causar una escritura fuera de límites, afectando la disponibilidad del servicio o la integridad de los datos • http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00067.html http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00074.html https://bugzilla.redhat.com/show_bug.cgi?id=1877409 https://lists.debian.org/debian-lts-announce/2020/09/msg00026.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JXLKODJ7B57GITDEZZXNSHPK4VBYXYHR https://metacpan.org/pod/distribution/DBI/Changes#Changes-in-DBI-1.643 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2014-10401
https://notcve.org/view.php?id=CVE-2014-10401
An issue was discovered in the DBI module before 1.632 for Perl. DBD::File drivers can open files from folders other than those specifically passed via the f_dir attribute. Se detectó un problema en el módulo DBI versiones anteriores a 1.632 para Perl. Los controladores DBD::File pueden abrir archivos desde carpetas distintas de las que son pasadas específicamente por medio del atributo f_dir • https://github.com/perl5-dbi/dbi/commit/caedc0d7d602f5b2ae5efc1b00f39efeafb7b05a https://metacpan.org/pod/distribution/DBI/Changes#Changes-in-DBI-1.632-9th-Nov-2014 https://rt.cpan.org/Public/Bug/Display.html?id=99508 https://usn.ubuntu.com/4509-1 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2013-7490
https://notcve.org/view.php?id=CVE-2013-7490
An issue was discovered in the DBI module before 1.632 for Perl. Using many arguments to methods for Callbacks may lead to memory corruption. Se detectó un problema en el módulo DBI versiones anteriores a 1.632 para Perl. El uso de muchos argumentos en métodos para las devoluciones de llamada puede conllevar a una corrupción de la memoria • https://github.com/perl5-dbi/dbi/commit/a8b98e988d6ea2946f5f56691d6d5ead53f65766 https://metacpan.org/pod/distribution/DBI/Changes#Changes-in-DBI-1.632-9th-Nov-2014 https://rt.cpan.org/Public/Bug/Display.html?id=86744#txn-1880941 https://usn.ubuntu.com/4509-1 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2013-7491
https://notcve.org/view.php?id=CVE-2013-7491
An issue was discovered in the DBI module before 1.628 for Perl. Stack corruption occurs when a user-defined function requires a non-trivial amount of memory and the Perl stack gets reallocated. Se detectó un problema en el módulo DBI versiones anteriores a 1.628 para Perl. La corrupción de la pila ocurre cuando una función definida por el usuario requiere una cantidad de memoria no trivial y la pila de Perl logra reasignarse • https://github.com/perl5-dbi/dbi/commit/401f1221311c71f760e21c98772f0f7e3cbead1d https://metacpan.org/pod/distribution/DBI/Changes#Changes-in-DBI-1.628-22nd-July-2013 https://rt.cpan.org/Public/Bug/Display.html?id=85562 • CWE-787: Out-of-bounds Write •