Search CVE reports
1 – 10 of 1866 results
DBI versions before 1.651 for Perl do not enforce statement handle consistency with the row. When the statement handle had no fields but the source row was non-empty, the internal row-buffer helper would read from a negative array...
1 affected package
libdbi-perl
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| libdbi-perl | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
DBI::ProfileData versions before 1.651 for Perl do not limit the path index. The path index column of profile dump files is used to allocate an array of data for the parser. An unbounded value allows an attacker to specify a large...
1 affected package
libdbi-perl
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| libdbi-perl | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
DBD::File versions before 1.651 for Perl do not ensure the table file is not a symlink to an untrusted location. The complete_table_name method builds the absolute table file path without checking whether the file is a symbolic...
1 affected package
libdbi-perl
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| libdbi-perl | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
DBI::SQL::Nano versions from 1.42 before 1.651 for Perl have inverted <= and >= SQL operators on text. DBI::SQL::Nano, DBI's built-in mini-SQL engine, evaluated WHERE predicates incorrectly in some cases. In the non-numeric string...
1 affected package
libdbi-perl
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| libdbi-perl | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
DBI versions before 1.650 for Perl read one byte out-of-bounds in preparse when deleting an initial SQL comment. The preparse method normalises SQL and removes comments. When the SQL starts with a comment line, the deletion of...
1 affected package
libdbi-perl
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| libdbi-perl | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
DBI versions before 1.650 for Perl have a heap overflow when preparsing SQL statements with an extreme number of placeholders. The fix for CVE-2026-10879 did not allocate enough memory to handle approximately 1.2-million...
1 affected package
libdbi-perl
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| libdbi-perl | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
DBI versions before 1.650 for Perl are vulnerable to code injection via caller-influenced Profile. When a string is assigned to a DBI handle's Profile attribute, DBI splits it into path, package and arguments, and interpolates the...
1 affected package
libdbi-perl
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| libdbi-perl | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
Some fixes available 5 of 10
Vulnerability in the MySQL Router product of Oracle MySQL (component: Router: General). Supported versions that are affected are 8.4.0-8.4.9 and 9.0.0-9.7.0. Easily exploitable vulnerability allows unauthenticated attacker with...
11 affected packages
mysql-5.5, mysql-5.7, mysql-8.0, mysql-8.4, mariadb...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| mysql-5.5 | Not in release | Not in release | Not in release | — | — |
| mysql-5.7 | Not in release | Not in release | Not in release | — | Ignored |
| mysql-8.0 | Not in release | Fixed | Fixed | Fixed | — |
| mysql-8.4 | Fixed | Not in release | Not in release | — | — |
| mariadb | Not affected | Not affected | Not in release | — | — |
| mariadb-10.0 | Not in release | Not in release | Not in release | — | — |
| mariadb-10.1 | Not in release | Not in release | Not in release | — | Not affected |
| mariadb-10.3 | Not in release | Not in release | Not in release | Ignored | — |
| mariadb-10.6 | Not in release | Not in release | Not affected | — | — |
| percona-xtradb-cluster-5.6 | Not in release | Not in release | Not in release | — | — |
| percona-server-5.6 | Not in release | Not in release | Not in release | — | — |
Some fixes available 5 of 10
Vulnerability in the MySQL Server, MySQL Cluster product of Oracle MySQL (component: Server: Connection Handling). Supported versions that are affected are MySQL Server: 8.4.0-8.4.9, 9.0.0-9.7.0; MySQL Cluster: 8.0.11-8.0.46,...
11 affected packages
mysql-5.5, mysql-5.7, mysql-8.0, mysql-8.4, mariadb...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| mysql-5.5 | Not in release | Not in release | Not in release | — | — |
| mysql-5.7 | Not in release | Not in release | Not in release | — | Ignored |
| mysql-8.0 | Not in release | Fixed | Fixed | Fixed | — |
| mysql-8.4 | Fixed | Not in release | Not in release | — | — |
| mariadb | Not affected | Not affected | Not in release | — | — |
| mariadb-10.0 | Not in release | Not in release | Not in release | — | — |
| mariadb-10.1 | Not in release | Not in release | Not in release | — | Not affected |
| mariadb-10.3 | Not in release | Not in release | Not in release | Ignored | — |
| mariadb-10.6 | Not in release | Not in release | Not affected | — | — |
| percona-xtradb-cluster-5.6 | Not in release | Not in release | Not in release | — | — |
| percona-server-5.6 | Not in release | Not in release | Not in release | — | — |
Vulnerability in the MySQL Shell product of Oracle MySQL (component: Shell: Dump and Load). Supported versions that are affected are 8.4.0-8.4.9 and 9.0.0-9.7.0. Easily exploitable vulnerability allows unauthenticated attacker...
11 affected packages
mysql-5.5, mysql-5.7, mysql-8.0, mysql-8.4, mariadb...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| mysql-5.5 | Not in release | Not in release | Not in release | — | — |
| mysql-5.7 | Not in release | Not in release | Not in release | — | Ignored |
| mysql-8.0 | Not in release | Not affected | Not affected | Not affected | — |
| mysql-8.4 | Not affected | Not in release | Not in release | — | — |
| mariadb | Not affected | Not affected | Not in release | — | — |
| mariadb-10.0 | Not in release | Not in release | Not in release | — | — |
| mariadb-10.1 | Not in release | Not in release | Not in release | — | Not affected |
| mariadb-10.3 | Not in release | Not in release | Not in release | Ignored | — |
| mariadb-10.6 | Not in release | Not in release | Not affected | — | — |
| percona-xtradb-cluster-5.6 | Not in release | Not in release | Not in release | — | — |
| percona-server-5.6 | Not in release | Not in release | Not in release | — | — |