CVE-2013-2145

EPSS 0.20%

Published: 8/19/2013Modified: 4/28/2026

Also known as:DEBIAN-CVE-2013-2145

Description

The cpansign verify functionality in the Module::Signature module before 0.72 for Perl allows attackers to bypass the signature check and execute arbitrary code via a SIGNATURE file with a "special unknown cipher" that references an untrusted module in Digest/.

Affected packages (1)

Debian/libmodule-signature-perlfrom 0, < 0.73-1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2013-2145