INFSA-2024:10219: perl-App-cpanminus:1.7044 security update
Information about definition
Identificator: INFSA-2024:10219
Type: security
Release date: 2025-07-09 19:03:12 UTC
Information about package
The panminus is a script to get, unpack, build and install modules from CPAN.
Vulnerabilities description
- CVE-2024-45321
A flaw was found in App::cpanminus (cpanm) through version 1.7047. The default configuration downloads Perl modules from CPAN using HTTP, which could allow an attacker to view or modify the content without the knowledge of the user. This issue could allow an attacker to execute malicious code if they have the ability to intercept and modify the content before it reaches to user.
Severity level
| CVE | Score CVSS 2.0 | Score CVSS 3.x | Score CVSS 4.0 |
|---|---|---|---|
|
NIST — CVE-2024-45321
|
no information | 8.1 | no information |
Updated packages