Your submission was sent successfully! Close

CVE-2014-10401

Published: 11 September 2020

An issue was discovered in the DBI module before 1.632 for Perl. DBD::File drivers can open files from folders other than those specifically passed via the f_dir attribute.

Notes

AuthorNote
leosilva
precise backport can be a bit trick and cause regressions. For now, ignoring it.
Priority

Medium

CVSS 3 base score: 6.1

Status

Package Release Status
libdbi-perl
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(1.640-1)
focal Not vulnerable

precise Ignored

trusty
Released (1.630-1ubuntu0.1~esm4)
upstream
Released (1.633-1)
xenial Not vulnerable

Patches:
upstream: https://github.com/perl5-dbi/dbi/commit/caedc0d7d602f5b2ae5efc1b00f39efeafb7b05a