The App::cpanminus package through 1.7047 for Perl downloads code via
insecure HTTP, enabling code execution for network attackers.
(CVE-2024-45321)
- https://bugs.mageia.org/show_bug.cgi?id=33631
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X5W36RUTOUQ2VUGWG2FCEBOWNRYS6RBI/
- https://www.cve.org/CVERecord?id=CVE-2024-45321
- 9/core/cpanminus-1.704.500-2.1.mga9
Get the latest Linux and open source security news straight to your inbox.