← volver
CVE-2017-16248

CVE-2017-16248

EPSS 2.4%
The Catalyst-Plugin-Static-Simple module before 0.34 for Perl allows remote attackers to read arbitrary files if there is a '.' character anywhere in the pathname, which differs from the intended policy of allowing access only when the filename itself has a '.' character.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://bugs.debian.org/880458https://metacpan.org/changes/distribution/Catalyst-Plugin-Static-Simplehttps://rt.cpan.org/Public/Bug/Display.html?id=120558