CVE-2002-1323
perl - broken safe compartment
EPSS 0.08%
Description
Safe.pm 2.0.7 and earlier, when used in Perl 5.8.0 and earlier, may allow attackers to break out of safe compartments in (1) Safe::reval or (2) Safe::rdo using a redefined @_ variable, which is not reset between successive calls.
How to fix CVE-2002-1323
To remediate CVE-2002-1323, upgrade the affected package to a fixed version below.
- Debian/perl—upgrade to 5.8.0-14 or later
- Debian/perl—upgrade to 5.6.1-8.2 or later
Is CVE-2002-1323 being exploited?
Low — EPSS is 0.1%, meaning exploitation activity has not been observed at scale.
Affected packages (2)
- from 0, < 5.8.0-14
- from 0, < 5.6.1-8.2