Search CVE reports
1 – 2 of 2 results
Some fixes available 4 of 7
Config::IniFiles versions before 3.001000 for Perl allow OS command injection and file overwrite via a 2-arg open() of the -file argument in _make_filehandle. Config::IniFiles::_make_filehandle opens a filename argument with...
1 affected package
libconfig-inifiles-perl
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| libconfig-inifiles-perl | Fixed | Fixed | Fixed | Needs evaluation | Needs evaluation |
Some fixes available 4 of 5
The Config::IniFiles module before 2.71 for Perl creates temporary files with predictable names, which allows local users to overwrite arbitrary files via a symlink attack. NOTE: some of these details are obtained from third...
1 affected package
libconfig-inifiles-perl
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| libconfig-inifiles-perl | — | — | — | — | — |