5 matches found
perl-DBI: perl-DBI: Heap overflow in SQL preparsing can lead to denial of service or arbitrary code execution.
A flaw was found in perl-DBI. A heap overflow vulnerability exists when preparsing SQL statements with more than 9 binders. The preparse method incorrectly allocates buffer space for SQL placeholder characters, leading to an overflow when processing binders with two or more digits. This can resul...
USN-8466-1: Perl DBI module vulnerabilities
It was discovered that the Perl DBI module incorrectly handled certain error messages. An attacker could use this issue to cause applications using the Perl DBI module to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2026-9698 It was discovered that the Perl DBI...
SUSE-SU-2026:22257-1 Security update for perl-DBI
This update for perl-DBI fixes the following issues - CVE-2026-9698: DBI versions before 1.648 for Perl saved errors in a limited-sized buffer bsc1267957. - CVE-2026-10879: SQL statements with more than 9 binders can cause an heap overflow bsc1267849...
CVE-2026-10879
CVE-2026-10879 affects DBI for Perl, pre-1.648. A heap overflow occurs during preparsing SQL with more than 9 binders; the preparse method expands placeholders to :pN but only allocates 3 characters per binder, causing overflow as placeholders 10–99 need 4 chars, 100–999 need 5, etc. The issue is...
DBI 安全漏洞
DBI is a Perl database interface tool developed under the open-source license of perl5-dbi. Versions of DBI prior to 1.648 contained security vulnerabilities; these vulnerabilities stemmed from heap overflows that occurred when pre-resolving SQL statements involving more than nine binders...