The canonpath function in the File::Spec module in PathTools before 3.62, as used in Perl, does not properly preserve the taint attribute of data, which might allow context-dependent attackers to bypass the taint protection mechanism via a crafted string.
Product: |
terminal/cssh |
terminal/cssh-522 |
terminal/cssh-512 |
runtime/perl-threaded-512 |
runtime/perl-522 |
runtime/perl-512 |
library/perl5/perl-tk |
library/perl5/perl-tk-522 |
library/perl5/perl-tk-512 |
library/perl-5/xml-simple |
library/perl-5/xml-simple-threaded-512 |
library/perl-5/xml-simple-584 |
library/perl-5/xml-simple-522 |
library/perl-5/xml-simple-512 |
library/perl-5/xml-sax |
library/perl-5/xml-sax-threaded-512 |
library/perl-5/xml-sax-base |
library/perl-5/xml-sax-base-threaded-512 |
library/perl-5/xml-sax-base-522 |
library/perl-5/xml-sax-base-512 |
library/perl-5/xml-sax-522 |
library/perl-5/xml-sax-512 |
library/perl-5/xml-parser |
library/perl-5/xml-parser-threaded-512 |
library/perl-5/xml-parser-584 |
library/perl-5/xml-parser-522 |
library/perl-5/xml-parser-512 |
library/perl-5/xml-namespacesupport |
library/perl-5/xml-namespacesupport-threaded-512 |
library/perl-5/xml-namespacesupport-522 |
library/perl-5/xml-namespacesupport-512 |
library/perl-5/xml-libxml |
library/perl-5/xml-libxml-threaded-512 |
library/perl-5/xml-libxml-522 |
library/perl-5/xml-libxml-512 |
library/perl-5/pmtools |
library/perl-5/pmtools-584 |
library/perl-5/pmtools-522 |
library/perl-5/pmtools-512 |
library/perl-5/perl-x11-protocol |
library/perl-5/perl-x11-protocol-522 |
library/perl-5/perl-x11-protocol-512 |
library/perl-5/net-ssleay |
library/perl-5/net-ssleay-584 |
library/perl-5/net-ssleay-522 |
library/perl-5/net-ssleay-512 |
library/perl-5/database |
library/perl-5/database-584 |
library/perl-5/database-522 |
library/perl-5/database-512 |
library/perl-5/authen-pam |
library/perl-5/authen-pam-threaded-512 |
library/perl-5/authen-pam-584 |
library/perl-5/authen-pam-522 |
library/perl-5/authen-pam-512 |
library/perl-5/CGI |
library/perl-5/CGI-522 |