2 matches found
CVE-2017-0374
Affected software/component: libconfig-model-perl (Config-Model) – the file lib/Config/Model.pm. Vulnerability: in versions before 2.102, a crafted model in the current working directory can cause local privilege elevation via the INC path mechanism (use of “.” with INC). Impact: local users can ...
CVE-2017-0373
Config-Model (libconfig-model-perl) before 2.102 contains a dangerous "use lib" line in GenClassPod.pm that could let remote attackers influence the system via a crafted Debian package. This CVE-2017-0373 detail is consistently described across multiple feeds (NVD, CNVD, OSV, Ubuntu, Debian OSV, ...