NuytsTech Security

CVE-2015-8607

by ·

The canonpath function in the File::Spec module in PathTools before 3.62, as used in Perl, does not properly preserve the taint attribute of data, which might allow context-dependent attackers to bypass the taint protection mechanism via a crafted string.

Date published : 2016-01-13

http://www.securityfocus.com/bid/80504

http://cpansearch.perl.org/src/RJBS/PathTools-3.62/Changes

Tags: