Path Traversal in Hmbrand Dbd::file
CVE-2026-15392
DBD::File versions before 1.651 for Perl do not ensure the table file is not a symlink to an untrusted location. The complete_table_name method builds the absolute table file path without checking whether the file is a symbolic link. A li…
Vulnerability class: Path Traversal (Directory Traversal)
Affected products
- Hmbrand Dbd::file — versions 0
Weakness classification (CWE)
References
- 9b29abf9-4ab0-4765-b253-1875cd9b441e (vendor-advisory)
- 9b29abf9-4ab0-4765-b253-1875cd9b441e (release-notes)
- 9b29abf9-4ab0-4765-b253-1875cd9b441e (patch)
- af854a3a-2127-422b-91ae-364da2661108