Security Advisories / CPANSA-File-Path-2017-01

2017-05-02

Severity

Low

Source

CPAN

Package

Fake-Encode

Description

Race condition in the rmtree and remove_tree functions allows attackers to set the mode on arbitrary files via vectors involving directory-permission loosening logic.

Affected versions and fixes

Affected versions: <2.13

Fixed in: >=2.13

CVEs

References