CPANSA-Socket-2017-01: Socket vulnerability

Publisher giterlizzi Document category csaf_informational_advisory
Initial release date 2017-08-17T00:00:00 Engine CSAF Perl Toolkit 0.25
Current release date 2017-08-17T00:00:00 Build Date
Current version 1 Status final
CVSS v3.1 Base Score Severity
Original language Language en
Also referred to

Vulnerability Description

The function croak is variadic which expects as a first parameter printf-style format. Passing arbitrary and string from the caller as a printf format leads to the security problem CWE-134: Use of Externally-Controlled Format String.

giterlizzi

Namespace: https://github.com/giterlizzi/

gdt@cpan.org

References

Revision history

Version Date of the revision Summary of the revision
1 Thu Aug 17 00:00:00 2017 First release

Sharing rules

TLP:WHITE
For the TLP version see: https://www.first.org/tlp/