perl-File-Find-Rule-0.34-19.1.el9_6
エラータID: AXSA:2025-10696:01
File::Find::Rule is a friendlier interface to File::Find. It allows you to build rules which specify the desired files and directories.
Security Fix(es):
* perl-file-find-rule: File::Find::Rule Arbitrary Code Execution (CVE-2011-10007)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
CVE-2011-10007
File::Find::Rule through 0.34 for Perl is vulnerable to Arbitrary Code Execution when `grep()` encounters a crafted filename. A file handle is opened with the 2 argument form of `open()` allowing an attacker controlled filename to provide the MODE parameter to `open()`, turning the filename into a command to be executed. Example: $ mkdir /tmp/poc; echo > "/tmp/poc/|id" $ perl -MFile::Find::Rule \ -E 'File::Find::Rule->grep("foo")->in("/tmp/poc")' uid=1000(user) gid=1000(user) groups=1000(user),100(users)
Update packages.
File::Find::Rule through 0.34 for Perl is vulnerable to Arbitrary Code Execution when `grep()` encounters a crafted filename. A file handle is opened with the 2 argument form of `open()` allowing an attacker controlled filename to provide the MODE parameter to `open()`, turning the filename into a command to be executed. Example: $ mkdir /tmp/poc; echo > "/tmp/poc/|id" $ perl -MFile::Find::Rule \ -E 'File::Find::Rule->grep("foo")->in("/tmp/poc")' uid=1000(user) gid=1000(user) groups=1000(user),100(users)
N/A
SRPMS
- perl-File-Find-Rule-0.34-19.1.el9_6.src.rpm
MD5: 3bb3ca977a743ce7c2a808b1d971dc43
SHA-256: f016a7f1f38c3e3ff97fcd250e1b4141c269f55df1406275a5a139890d22c814
Size: 26.08 kB
Asianux Server 9 for x86_64
- perl-File-Find-Rule-0.34-19.1.el9_6.noarch.rpm
MD5: f1c354ff19ae66ba80667c7815fcb792
SHA-256: b9c883b3d88631a48ae390634849426f99d04d380a401b3bc4b5ba099df851c3
Size: 31.94 kB
日本語