CVE-2015-3406

Published November 29th, 2019

View on NVD ↗

CVSS v3

7.5

HIGH

CVSS v2

6.4

MEDIUM

Affected

PROJECT

Description

The PGP signature parsing in Module::Signature before 0.74 allows remote attackers to cause the unsigned portion of a SIGNATURE file to be treated as the signed portion via unspecified vectors.

audreyt/module-signature

Module signature file manipulation

GitHub