Описание
Eval injection vulnerability in the Module-Metadata module before 1.000015 for Perl allows remote attackers to execute arbitrary Perl code via the $Version value.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| perl | fixed | 5.18.1-2 | package | |
| perl | not-affected | wheezy | package | |
| perl | not-affected | squeeze | package | |
| libmodule-metadata-perl | fixed | 1.000015-1 | package | |
| libmodule-metadata-perl | fixed | 1.000009-1+deb7u1 | wheezy | package |
Примечания
this is by 'design', but previous to version Module::Metadata 1.000015
the statement was This module provides a standard way to gather metadata
about a .pm file *without* executing unsafe code.
Связанные уязвимости
Eval injection vulnerability in the Module-Metadata module before 1.000015 for Perl allows remote attackers to execute arbitrary Perl code via the $Version value.
Eval injection vulnerability in the Module-Metadata module before 1.000015 for Perl allows remote attackers to execute arbitrary Perl code via the $Version value.
Eval injection vulnerability in the Module-Metadata module before 1.000015 for Perl allows remote attackers to execute arbitrary Perl code via the $Version value.
Eval injection vulnerability in the Module-Metadata module before 1.000015 for Perl allows remote attackers to execute arbitrary Perl code via the $Version value.