The path index column of profile dump files is used to allocate an array of data for the parser. An unbounded value allows an attacker to specify a large index and consume available memory.
Analysis and contextual insights are available on OpenCVE Cloud.
Vendor Solution
Upgrade to version 1.651 or later.
Tracking
Sign in to view the affected projects.
No advisories yet.
Fri, 17 Jul 2026 00:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| References |
| |
| Metrics |
threat_severity
|
threat_severity
|
Wed, 15 Jul 2026 14:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
cvssV3_1
|
Tue, 14 Jul 2026 15:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | DBI::ProfileData versions before 1.651 for Perl do not limit the path index. The path index column of profile dump files is used to allocate an array of data for the parser. An unbounded value allows an attacker to specify a large index and consume available memory. | |
| Title | DBI::ProfileData versions before 1.651 for Perl do not limit the path index | |
| Weaknesses | CWE-770 | |
| References |
|
Subscriptions
No data.
Status: PUBLISHED
Assigner: CPANSec
Published:
Updated: 2026-07-15T14:03:34.263Z
Reserved: 2026-07-08T11:45:04.838Z
Link: CVE-2026-60081
Updated: 2026-07-15T14:02:35.409Z
No data.
OpenCVE Enrichment
No data.