Vulnerabilities > CVE-2019-20919 - NULL Pointer Dereference vulnerability in multiple products

047910
CVSS 4.7 - MEDIUM
Attack vector
LOCAL
Attack complexity
HIGH
Privileges required
LOW
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH

Summary

An issue was discovered in the DBI module before 1.643 for Perl. The hv_fetch() documentation requires checking for NULL and the code does that. But, shortly thereafter, it calls SvOK(profile), causing a NULL pointer dereference.

Vulnerable Configurations

Part Description Count
Application
Perl
157
OS
Fedoraproject
1
OS
Canonical
4
OS
Debian
1
OS
Opensuse
2

Common Weakness Enumeration (CWE)