CVE-2014-10401

CVSS v3.1

6.1

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L

Name of the Vulnerable Software and Affected Versions DBI module versions prior to 1.632

Description An issue was discovered in the DBI module for Perl, where DBD::File drivers can open files from folders other than those specifically passed via the f dir attribute.

Recommendations For versions prior to 1.632, update to version 1.632 or later to resolve the issue. As a temporary workaround, consider restricting access to the DBD::File drivers to minimize the risk of exploitation. Avoid using the f dir attribute in a way that could allow access to unintended folders until the issue is resolved.

Fix

Incorrect Permission

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-732

Related Identifiers

ALT-PU-2014-2464

ALT-PU-2022-2897

ALT-PU-2022-2963

ALT-PU-2022-2977

ALT-PU-2022-3385

CVE-2014-10401

DLA-3035-1

OPENSUSE-SU-2020:2051-1

OPENSUSE-SU-2020:2064-1

OPENSUSE-SU-2020_2051-1

OPENSUSE-SU-2020_2064-1

OPENSUSE-SU-2024:11161-1

SUSE-SU-2020:3384-1

SUSE-SU-2020:3385-1

SUSE-SU-2020_3384-1

SUSE-SU-2020_3385-1

SUSE-SU-2024:3136-1

SUSE-SU-2024_3136-1

USN-4509-1

Affected Products

Alt Linux

Dbi

Suse

Ubuntu

CVE-2014-10401

Weakness Enumeration

Related Identifiers

Affected Products

References · 31