Inconsistent Statement Handle Enforcement in DBI by Perl
CVE-2026-60082
Currently unrated
What is CVE-2026-60082?
The DBI module for Perl prior to version 1.651 is susceptible to a vulnerability whereby it fails to enforce consistency between statement handles and the associated rows. This issue can occur when a statement handle with no defined fields interacts with a non-empty source row, which results in the internal buffer trying to access a negative array index. Such a condition may arise when callers provide contrasting metadata and rows during the preparation of statements, potentially leading to unexpected behaviors and compromising data integrity.
Affected Version(s)
DBI 0 < 1.651
