Buffer Overflow Vulnerability in Perl DBI Library
CVE-2020-14393

7.1HIGH

Key Information:

Vendor: Perl
Status: Perl-dbi
Vendor: CVE Published:; 16 September 2020

🔔 Create Perl Vulnerability Alert

What is CVE-2020-14393?

A vulnerability exists in the Perl DBI library where a buffer overflow can occur if a local attacker submits a string exceeding 300 characters. This can lead to an out-of-bounds write, potentially impacting the service's availability and the integrity of the stored data. Affected users should upgrade to version 1.643 or later to mitigate these risks.

Affected Version(s)

perl-dbi perl-DBI before version 1.643

References

https://metacpan.org/pod/distribution/DBI/Changes#Changes...

x_refsource_MISC

https://bugzilla.redhat.com/show_bug.cgi?id=1877409

x_refsource_MISC

http://lists.opensuse.org/opensuse-security-announce/2020...

vendor-advisoryx_refsource_SUSE

CVSS V3.1

Score:

7.1

Severity:

HIGH

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 16, 2020
Vulnerability Reserved
Jun 17, 2020

.