CVE-2016-1238: Digest may load an optional module from the current directory [rt.cpan.org #116512]

Migrated from [rt.cpan.org#116512](https://rt.cpan.org/Ticket/Display.html?id=116512) (status was 'new')

Requestors:
* TONYC@cpan.org

Attachments:
* [0001-CVE-2016-1238-prevent-loading-optional-modules-from-.patch](https://rt.cpan.org/Ticket/Attachment/1652946/887040/0001-CVE-2016-1238-prevent-loading-optional-modules-from-.patch)


From tonyc@cpan.org on 2016-07-27 04:07:06
:
```
As described in the patch this can be used by a local attacker to execute code
as another user.

Patch also available as a pull request at

https://github.com/gisle/digest/pull/3

Tony

```


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

CVE-2016-1238: Digest may load an optional module from the current directory [rt.cpan.org #116512] #5

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

CVE-2016-1238: Digest may load an optional module from the current directory [rt.cpan.org #116512] #5

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions