MidnightBSD

Advisories for file::path_project

CVE-2017-6512 MEDIUM

Race condition in the rmtree and remove_tree functions in the File-Path module before 2.13 for Perl allows attackers to set the mode on arbitrary files via vectors involving directory-permission loosening logic.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.9 MEDIUM CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N 2.2 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-362,

Products Affected

Vendor Product Version
file::path_project file::path *
debian debian_linux 8.0
debian debian_linux 9.0
canonical ubuntu_linux 16.04
canonical ubuntu_linux 17.10
canonical ubuntu_linux 12.04
canonical ubuntu_linux 14.04