VDB

GCVE-110-MAGEIA-2017-439

GCVE-110-MAGEIA-2017-439
Advisory Published
Vulnetix · Advisory published December 1, 2017
The Catalyst-Plugin-Static-Simple module before 0.34 for Perl allows remote attackers to read arbitrary files if there is a '.' character anywhere in the pathname, which differs from the intended policy of allowing access only when the filename itself has a '.' character (CVE-2017-16248).

Affected Products

VendorProductVersionsPlatforms
Mageiaperl-Catalyst-Plugin-Static-Simple0 (affected), 0.340.0-1.mga6 (unaffected)
Mageiaperl-Catalyst-Plugin-Static-Simple0 (affected), 0.340.0-1.mga5 (unaffected)

Browse GCVE Records

72,337 records in the GCVE database · Updated July 14, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›