CVE-2017-0373CVE-2017-0373

Affected configuration(s):

cpe:/a:config-model_project:config-model:2.101

Date published: 2017-05-23T14:29:00.180-04:00

Date last modified: 2017-06-08T08:07:01.247-04:00

CVSS Score: 6.8

Principal attack vector: NETWORK

Complexity:  MEDIUM

Reference URL: http://cpansearch.perl.org/src/DDUMONT/Config-Model-2.102/Changes

Summary: The gen_class_pod implementation in lib/Config/Model/Utils/GenClassPod.pm in Config-Model (aka libconfig-model-perl) before 2.102 has a dangerous “use lib” line, which allows remote attackers to have an unspecified impact via a crafted Debian package file.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.