← voltar
CVE-2017-16248

CVE-2017-16248

EPSS 2.4%
The Catalyst-Plugin-Static-Simple module before 0.34 for Perl allows remote attackers to read arbitrary files if there is a '.' character anywhere in the pathname, which differs from the intended policy of allowing access only when the filename itself has a '.' character.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://bugs.debian.org/880458https://metacpan.org/changes/distribution/Catalyst-Plugin-Static-Simplehttps://rt.cpan.org/Public/Bug/Display.html?id=120558