CVE-2020-14393

Published: 16 September 2020

A buffer overflow was found in perl-DBI < 1.643 in DBI.xs. A local attacker who is able to supply a string longer than 300 characters could cause an out-of-bounds write, affecting the availability of the service or integrity of data.

Priority

Low

CVSS 3 base score: 7.1

Status

Package: libdbi-perl (Launchpad, Ubuntu, Debian)

Release    Status
bionic     Released (1.640-1ubuntu0.3)
focal      Not vulnerable (1.643-1)
groovy     Not vulnerable (1.643-2)
hirsute    Not vulnerable (1.643-2)
impish     Not vulnerable (1.643-2)
jammy      Not vulnerable (1.643-2)
kinetic    Not vulnerable (1.643-2)
precise    Ignored (end of ESM support, was needed)
trusty     Needed
upstream   Needs triage
xenial     Released (1.634-1ubuntu0.2+esm1)

Patches:
upstream: https://github.com/perl5-dbi/dbi/commit/36f2a2c5fea36d7d47d6871e420286643460e71b