CVE-2015-3408

Published May 19th, 2015

View on NVD ↗

CVSS v3

N/A

CVSS v2

HIGH

Affected

PROJECT

Description

Module::Signature before 0.74 allows remote attackers to execute arbitrary shell commands via a crafted SIGNATURE file which is not properly handled when generating checksums from a signed manifest.

audreyt/module-signature

Module signature file manipulation

GitHub