libdbi-perl is vulnerable to denial of service (DoS). The vulnerability exists when a NULL profile is passed into SvOK(profile) after hv_fetch() checks for NULL.
CPE | Name | Operator | Version |
---|---|---|---|
libdbi-perl:xenial | eq | 1.634 | |
libdbi-perl:stretch | eq | 1.636-1+b1 | |
libdbi-perl:xenial | eq | 1.634 | |
libdbi-perl:stretch | eq | 1.636-1+b1 |
lists.opensuse.org/opensuse-security-announce/2020-10/msg00012.html
lists.opensuse.org/opensuse-security-announce/2020-10/msg00013.html
github.com/perl5-dbi/dbi/commit/eca7d7c8f43d96f6277e86d1000e842eb4cc67ff
lists.debian.org/debian-lts-announce/2020/09/msg00026.html
lists.fedoraproject.org/archives/list/[email protected]/message/JXLKODJ7B57GITDEZZXNSHPK4VBYXYHR/
metacpan.org/pod/distribution/DBI/Changes#Changes-in-DBI-1.643-...
usn.ubuntu.com/4534-1/