Published: 17/09/2020 Updated: 07/11/2023

CVSS v2 Base Score: 1.9 | Impact Score: 2.9 | Exploitability Score: 3.4

CVSS v3 Base Score: 4.7 | Impact Score: 3.6 | Exploitability Score: 1

VMScore: 169

Vector: AV:L/AC:M/Au:N/C:N/I:N/A:P

An issue exists in the DBI module prior to 1.643 for Perl. The hv_fetch() documentation requires checking for NULL and the code does that. But, shortly thereafter, it calls SvOK(profile), causing a NULL pointer dereference.

Vulnerable Product	Search on Vulmon	Subscribe to Product
perl dbi
fedoraproject fedora 31
canonical ubuntu linux 18.04
canonical ubuntu linux 14.04
canonical ubuntu linux 16.04
canonical ubuntu linux 12.04
debian debian linux 9.0
opensuse leap 15.1
opensuse leap 15.2

CWE-476 https://github.com/perl5-dbi/dbi/commit/eca7d7c8f43d96f6277e86d1000e842eb4cc67ff https://metacpan.org/pod/distribution/DBI/Changes#Changes-in-DBI-1.643-...https://usn.ubuntu.com/4534-1/https://lists.debian.org/debian-lts-announce/2020/09/msg00026.html http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00012.html http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00013.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JXLKODJ7B57GITDEZZXNSHPK4VBYXYHR/https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2019-20919

Vulnerability Summary

Vulnerability Trend

References

Vulmon Search

About

Products

Connect