Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:24210
HistoryApr 10, 2020 - 12:49 a.m.

Restriction Bypass

2020-04-1000:49:00
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
14

EPSS

0.019

Percentile

88.7%

Perl is vulnerable to Restriction Bypass. The Safe module did not properly restrict the code of implicitly called methods (such as DESTROY and AUTOLOAD) on implicitly blessed objects returned as a result of unsafe code evaluation. These methods could have been executed unrestricted by Safe when such objects were accessed or destroyed. A specially-crafted Perl script executed inside of a Safe compartment could use this flaw to bypass intended Safe module restrictions.

References