A flaw was found in perl-dbi before version 1.643. A buffer overflow on via an overlong DBD class name in dbih_setup_handle function may lead to data be written past the intended limit. Upstream patch: https://github.com/perl5-dbi/dbi/commit/36f2a2c5fea36d7d47d6871e420286643460e71b
Created perl-DBI tracking bugs for this issue: Affects: fedora-all [bug 1877410]
External References: Advisory: https://metacpan.org/pod/distribution/DBI/Changes#Changes-in-DBI-1.643-...
Marked the CVSS score as 4.4 for products as there would only be a temporary risk to availability and low risk to data integrity due to binary protections shipped with the products.