Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

rocky логотип

RLSA-2024:10218

Опубликовано: 17 мар. 2025
Источник: rocky
Оценка: Moderate

Описание

Moderate: perl-App-cpanminus security update

Why? It's dependency free, requires zero configuration, and stands alone but it's maintainable and extensible with plug-ins and friendly to shell scripting. When running, it requires only 10 MB of RAM.

Security Fix(es):

  • perl-App-cpanminus: Insecure HTTP in App::cpanminus Allows Code Execution Vulnerability (CVE-2024-45321)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Затронутые продукты

  • Rocky Linux 9

НаименованиеАрхитектураРелизRPM
perl-App-cpanminusnoarch14.1.el9_5perl-App-cpanminus-1.7044-14.1.el9_5.noarch.rpm

Показывать по

Связанные CVE

CVE-2024-45321

Ссылки на источники

Исправления

Связанные уязвимости

ubuntu логотип

CVE-2024-45321

CVSS3: 8.1
ubuntu
около 1 года назад

The App::cpanminus package through 1.7047 for Perl downloads code via insecure HTTP, enabling code execution for network attackers.

redhat логотип

CVE-2024-45321

CVSS3: 8.1
redhat
около 1 года назад

The App::cpanminus package through 1.7047 for Perl downloads code via insecure HTTP, enabling code execution for network attackers.

nvd логотип

CVE-2024-45321

CVSS3: 8.1
nvd
около 1 года назад

The App::cpanminus package through 1.7047 for Perl downloads code via insecure HTTP, enabling code execution for network attackers.

debian логотип

CVE-2024-45321

CVSS3: 8.1
debian
около 1 года назад

The App::cpanminus package through 1.7047 for Perl downloads code via ...

github логотип

GHSA-9mmm-86g7-vp9g

CVSS3: 9.8
github
около 1 года назад

The App::cpanminus package through 1.7047 for Perl downloads code via insecure HTTP, enabling code execution for network attackers.