Medium: perl-Module-ScanDeps

Issue Overview: Qualys discovered that if unsanitized input was used with the library Modules::ScanDeps, before version 1.36 a local attacker could possibly execute arbitrary shell commands by opening a "pesky pipe" such as passing "commands|" as a filename or by passing arbitrary strings to eval...

[SECURITY] Fedora 40 Update: perl-Module-ScanDeps-1.37-1.fc40

This module scans potential modules used by perl programs and returns a hash reference. Its keys are the module names as they appear in %INC e.g. Test/More.pm. The values are hash references...

Fedora 41 : perl-Module-ScanDeps (2024-c05ef21f1f)

The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-c05ef21f1f advisory. 1.37 - fix parsing of use if ... Fixes errors in PAR::Packer test t/90-rt59710.t - add test for parselibs 1.36 - Fix CVE-2024-10224: Unsanitized input leads ...

Fedora: Security Advisory (FEDORA-2024-8adf4a4b24)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 40 : perl-Module-ScanDeps (2024-8adf4a4b24)

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-8adf4a4b24 advisory. 1.37 - fix parsing of use if ... Fixes errors in PAR::Packer test t/90-rt59710.t - add test for parselibs 1.36 - Fix CVE-2024-10224: Unsanitized input leads ...

CBL Mariner 2.0 Security Update: perl-Module-ScanDeps (CVE-2024-10224)

The version of perl-Module-ScanDeps installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-10224 advisory. - Qualys discovered that if unsanitized input was used with the library Modules::ScanDeps, befor...

CVE-2024-10224 affecting package perl-Module-ScanDeps for versions less than 1.35-3

CVE-2024-10224 affecting package perl-Module-ScanDeps for versions less than 1.35-3. A patched version of the package is available...

CVE-2024-10224 affecting package perl-Module-ScanDeps for versions less than 1.35-2

CVE-2024-10224 affecting package perl-Module-ScanDeps for versions less than 1.35-2. A patched version of the package is available...

CVE-2024-10224

A flaw was found in the Module-ScanDeps package. Due to the handling of unsanitized input, a local attacker can execute arbitrary shell commands or potentially escalate privileges on the host...

AZL-53397 CVE-2024-10224 affecting package perl-Module-ScanDeps for versions less than 1.35-3

Qualys discovered that if unsanitized input was used with the library Modules::ScanDeps, before version 1.36 a local attacker could possibly execute arbitrary shell commands by opening a "pesky pipe" such as passing "commands|" as a filename or by passing arbitrary strings to eval...

AZL-53394 CVE-2024-10224 affecting package perl-Module-ScanDeps for versions less than 1.35-2

Qualys discovered that if unsanitized input was used with the library Modules::ScanDeps, before version 1.36 a local attacker could possibly execute arbitrary shell commands by opening a "pesky pipe" such as passing "commands|" as a filename or by passing arbitrary strings to eval...

Module-ScanDeps 权限许可和访问控制问题漏洞

Module-ScanDeps is an application by Roderich Schupp Personal Developer. A security vulnerability exists in Module-ScanDeps versions prior to 1.36 that stems from improper input validation, which could lead to a local attacker executing arbitrary shell commands by opening a pesky pipe or passing ...