mirror of
https://github.com/0xMarcio/cve.git
synced 2025-11-28 18:48:49 +00:00
780 B
780 B
CVE-2024-10224
Description
Qualys discovered that if unsanitized input was used with the library Modules::ScanDeps, before version 1.36 a local attacker could possibly execute arbitrary shell commands by open()ing a "pesky pipe" (such as passing "commands|" as a filename) or by passing arbitrary strings to eval().
POC
Reference
No PoCs from references.