4 matches found
CVE-2026-11527
Config::IniFiles versions before 3.001000 for Perl allow OS command injection and file overwrite via a 2-arg open of the -file argument in makefilehandle. Config::IniFiles::makefilehandle opens a filename argument with Perl's 2-arg open, so a filename that begins or ends with a pipe "| cmd", "cmd...
CVE-2026-11527
CVE-2026-11527 affects Perl Config::IniFiles prior to 3.001000. The vulnerability arises when _make_filehandle opens the -file argument with Perl’s 2-arg open(); untrusted input passed to -file can be treated as a command or redirect (e.g., starting/ending with |, or >/>>), enabling OS c...
Linux Distros Unpatched Vulnerability : CVE-2011-10007
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - File::Find::Rule through 0.34 for Perl is vulnerable to Arbitrary Code Execution when grep encounters a crafted filename. A file handle is opened with the 2...
AZL-62239 CVE-2011-10007 affecting package perl-File-Find-Rule 0.34-15
File::Find::Rule through 0.34 for Perl is vulnerable to Arbitrary Code Execution when grep encounters a crafted filename. A file handle is opened with the 2 argument form of open allowing an attacker controlled filename to provide the MODE parameter to open, turning the filename into a command to...