Perl

Dbi

10 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.41%
  • Veröffentlicht 07.07.2026 22:05:45
  • Zuletzt bearbeitet 10.07.2026 14:40:21

DBI versions before 1.650 for Perl read one byte out-of-bounds in preparse when deleting an initial SQL comment. The preparse method normalises SQL and removes comments. When the SQL starts with a comment line, the deletion of that line during norma...

  • EPSS 0.4%
  • Veröffentlicht 07.07.2026 22:05:18
  • Zuletzt bearbeitet 10.07.2026 14:41:16

DBI versions before 1.650 for Perl have a heap overflow when preparsing SQL statements with an extreme number of placeholders. The fix for CVE-2026-10879 did not allocate enough memory to handle approximately 1.2-million placeholders. DBI version 1...

  • EPSS 0.24%
  • Veröffentlicht 07.07.2026 22:04:49
  • Zuletzt bearbeitet 10.07.2026 14:46:21

DBI versions before 1.650 for Perl are vulnerable to code injection via caller-influenced Profile. When a string is assigned to a DBI handle's Profile attribute, DBI splits it into path, package and arguments, and interpolates the package part in a ...

  • EPSS 0.38%
  • Veröffentlicht 09.06.2026 07:22:25
  • Zuletzt bearbeitet 30.06.2026 03:21:47

DBI versions before 1.648 for Perl saved errors in a limited-sized buffer. Error messages that were returned when RaiseError, PrintError or HandleError were set were written to a 200-byte buffer without a length limit. Attackers that can influence ...

  • EPSS 0.41%
  • Veröffentlicht 05.06.2026 14:30:58
  • Zuletzt bearbeitet 10.06.2026 15:02:24

DBI versions before 1.648 for Perl have a heap overflow when preparsing SQL statements with more than 9 binders. The preparse method expands SQL placeholder characters to numbered binders of the form :pN, but only allocates three characters per bind...

  • EPSS 0.51%
  • Veröffentlicht 17.09.2020 18:15:12
  • Zuletzt bearbeitet 21.11.2024 04:39:41

An issue was discovered in the DBI module before 1.643 for Perl. The hv_fetch() documentation requires checking for NULL and the code does that. But, shortly thereafter, it calls SvOK(profile), causing a NULL pointer dereference.

Exploit
  • EPSS 0.49%
  • Veröffentlicht 16.09.2020 16:15:14
  • Zuletzt bearbeitet 21.11.2024 02:03:32

An issue was discovered in the DBI module through 1.643 for Perl. DBD::File drivers can open files from folders other than those specifically passed via the f_dir attribute in the data source name (DSN). NOTE: this issue exists because of an incomple...

  • EPSS 2.74%
  • Veröffentlicht 11.09.2020 19:15:11
  • Zuletzt bearbeitet 21.11.2024 02:01:08

An issue was discovered in the DBI module before 1.632 for Perl. Using many arguments to methods for Callbacks may lead to memory corruption.

  • EPSS 2.66%
  • Veröffentlicht 11.09.2020 19:15:11
  • Zuletzt bearbeitet 21.11.2024 02:01:08

An issue was discovered in the DBI module before 1.628 for Perl. Stack corruption occurs when a user-defined function requires a non-trivial amount of memory and the Perl stack gets reallocated.

  • EPSS 0.44%
  • Veröffentlicht 11.09.2020 19:15:11
  • Zuletzt bearbeitet 21.11.2024 02:03:32

An issue was discovered in the DBI module before 1.632 for Perl. DBD::File drivers can open files from folders other than those specifically passed via the f_dir attribute.