Rschupp: >> Modules Security Vulnerabilities
Qualys discovered that if unsanitized input was used with the library Modules::ScanDeps, before version 1.36 a local attacker could possibly execute arbitrary shell commands by open()ing a "pesky pipe" (such as passing "commands|" as a filename) or by passing arbitrary strings to eval().
CVSS Score
5.3
EPSS Score
0.001
Published
2024-11-19