Database Interface
CVE-2020-14393
HIGH
Severity by source
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Lifecycle Timeline
1DescriptionNVD
A buffer overflow was found in perl-DBI < 1.643 in DBI.xs. A local attacker who is able to supply a string longer than 300 characters could cause an out-of-bounds write, affecting the availability of the service or integrity of data.
AnalysisAI
A buffer overflow was found in perl-DBI < 1.643 in DBI.xs. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity.
Technical ContextAI
This vulnerability is classified under CWE-121. A buffer overflow was found in perl-DBI < 1.643 in DBI.xs. A local attacker who is able to supply a string longer than 300 characters could cause an out-of-bounds write, affecting the availability of the service or integrity of data. Affected products include: Perl Database Interface, Opensuse Leap, Debian Debian Linux, Fedoraproject Fedora.
RemediationAI
A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
More in Database Interface
View allSame weakness CWE-121 – Stack-based Buffer Overflow
View allSame technique Buffer Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today