<p>Upgrade <code>Debian:10</code> <code>perl</code> to version 5.12.3-1 or higher.</p>

Access Restriction Bypass Affecting perl package, versions <5.12.3-1

Snyk CVSS

Attack Complexity Low

User Interaction Required

Confidentiality High

Integrity High

Availability High

Threat Intelligence

EPSS 0.6% (79^th percentile)

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications

Snyk ID SNYK-DEBIAN10-PERL-327773
published 19 May 2010
disclosed 19 May 2010

Report a new vulnerability Found a mistake?

Introduced: 19 May 2010

CVE-2010-1447 Open this link in a new tab CWE-264 Open this link in a new tab

How to fix?

Upgrade Debian:10 perl to version 5.12.3-1 or higher.

NVD Description

Note: Versions mentioned in the description apply only to the upstream perl package and not the perl package as distributed by Debian. See How to fix? for Debian:10 relevant fixed versions and status.

The Safe (aka Safe.pm) module 2.26, and certain earlier versions, for Perl, as used in PostgreSQL 7.4 before 7.4.29, 8.0 before 8.0.25, 8.1 before 8.1.21, 8.2 before 8.2.17, 8.3 before 8.3.11, 8.4 before 8.4.4, and 9.0 Beta before 9.0 Beta 2, allows context-dependent attackers to bypass intended (1) Safe::reval and (2) Safe::rdo access restrictions, and inject and execute arbitrary code, via vectors involving subroutine references and delayed execution.