Security Advisories (2)

CVE-2026-10879 (2026-06-05)

DBI versions before 1.648 for Perl have a heap overflow when preparsing SQL statements with more than 9 binders. The preparse method expands SQL placeholder characters to numbered binders of the form :pN, but only allocates three characters per binder in the buffer. Placeholders 10-99 require four characters, 100-999 require five characters, et cetera.

CVE-2026-9698 (2026-06-09)

DBI versions before 1.648 for Perl saved errors in a limited-sized buffer. Error messages that were returned when RaiseError, PrintError or HandleError were set were written to a 200-byte buffer without a length limit. Attackers that can influence the error text in an application can trigger a buffer overflow.

NAME

DBI::Gofer::Serializer::Storable - Gofer serialization using Storable

SYNOPSIS

$serializer = DBI::Gofer::Serializer::Storable->new();

$string = $serializer->serialize( $data );
($string, $deserializer_class) = $serializer->serialize( $data );

$data = $serializer->deserialize( $string );

DESCRIPTION

Uses Storable::nfreeze() to serialize and Storable::thaw() to deserialize.

The serialize() method sets local $Storable::forgive_me = 1; so it doesn't croak if it encounters any data types that can't be serialized, such as code refs.

	Global
`s`	Focus search bar
`?`	Bring up this help dialog

	GitHub
`g` `p`	Go to pull requests
`g` `i`	Go to GitHub issues (only if GitHub is preferred repository)

	POD
`g` `a`	Go to author
`g` `c`	Go to changes
`g` `i`	Go to issues
`g` `d`	Go to dist
`g` `r`	Go to repository/SCM
`g` `s`	Go to source
`g` `b`	Go to file browse

Search terms
module: (e.g. module:Plugin)
distribution: (e.g. distribution:Dancer auth)
author: (e.g. author:SONGMU Redis)
version: (e.g. version:1.00)

NAME

SYNOPSIS

DESCRIPTION

Module Install Instructions

Keyboard Shortcuts