VDB

ALPINE-CVE-2014-10402

ALPINE-CVE-2014-10402 PUBLISHED CVSS 6.099999904632568 MEDIUM

An issue was discovered in the DBI module through 1.643 for Perl. DBD::File drivers can open files from folders other than those specifically passed via the f_dir attribute in the data source name (DSN). NOTE: this issue exists because of an incomplete fix for CVE-2014-10401.

Risk Scores

CVSS 3.1
6.099999904632568
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L

Affected Products

VendorProductVersions
Alpine:v3.21perl-dbi0, 0, 0
Alpine:v3.22perl-dbi0, 0, 0
Alpine:v3.20perl-dbi1.636-r0, 1.632-r0, 1.628-r0
Alpine:v3.18perl-dbi1.641-r0, 1.637-r0, 1.640-r0
Alpine:v3.15perl-dbi1.634-r1, 1.616-r0, 1.612-r0
Alpine:v3.16perl-dbi1.631-r1, 0, 1.615-r0
Alpine:v3.24perl-dbi0
Alpine:v3.17perl-dbi1.642-r1, 1.642-r0, 1.641-r0
Alpine:v3.19perl-dbi1.623-r0, 0, 1.642-r2
Alpine:v3.23perl-dbi0, 0, 0

Timeline

  • Sep 16, 2020 CVE Published
  • Apr 30, 2026 Distribution Patch
  • Jun 9, 2026 CVE Updated

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›