CVE-2014-1875

CVE-2014-1875 affects the Perl Capture::Tiny module up to version 0.23 (pre-0.24). The root cause is a symlink-attack in the temporary file creation path using File::temp::tmpnam, allowing local users to write to arbitrary files. Remediation: upgrade to Capture-Tiny 0.24 or later (per the public ...