CVE-2017-0374CVE-2017-0374

Affected configuration(s):

cpe:/a:config-model_project:config-model:2.101

Date published: 2017-05-23T14:29:00.240-04:00

Date last modified: 2017-06-08T08:06:35.853-04:00

CVSS Score: 4.6

Principal attack vector: LOCAL

Complexity:  LOW

Reference URL: http://cpansearch.perl.org/src/DDUMONT/Config-Model-2.102/Changes

Summary: lib/Config/Model.pm in Config-Model (aka libconfig-model-perl) before 2.102 allows local users to gain privileges via a crafted model in the current working directory, related to use of . with the INC array.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.