6 matches found
CVE-2017-0373
The genclasspod implementation in lib/Config/Model/Utils/GenClassPod.pm in Config-Model aka libconfig-model-perl before 2.102 has a dangerous "use lib" line, which allows remote attackers to have an unspecified impact via a crafted Debian package file...
CVE-2017-0374
lib/Config/Model.pm in Config-Model aka libconfig-model-perl before 2.102 allows local users to gain privileges via a crafted model in the current working directory, related to use of . with the INC array...
CVE-2017-0373
The genclasspod implementation in lib/Config/Model/Utils/GenClassPod.pm in Config-Model aka libconfig-model-perl before 2.102 has a dangerous "use lib" line, which allows remote attackers to have an unspecified impact via a crafted Debian package file...
CVE-2017-0373
Config-Model (libconfig-model-perl) before 2.102 contains a dangerous "use lib" line in GenClassPod.pm that could let remote attackers influence the system via a crafted Debian package. This CVE-2017-0373 detail is consistently described across multiple feeds (NVD, CNVD, OSV, Ubuntu, Debian OSV, ...
CVE-2017-0373
The genclasspod implementation in lib/Config/Model/Utils/GenClassPod.pm in Config-Model aka libconfig-model-perl before 2.102 has a dangerous "use lib" line, which allows remote attackers to have an unspecified impact via a crafted Debian package file...
CVE-2017-0374
Affected software/component: libconfig-model-perl (Config-Model) – the file lib/Config/Model.pm. Vulnerability: in versions before 2.102, a crafted model in the current working directory can cause local privilege elevation via the INC path mechanism (use of “.” with INC). Impact: local users can ...