|Subject:||security vulnerabilities discovered on Strawberry Perl 18.104.22.168 and some Perl modules|
|Date:||Fri, 11 Oct 2019 14:43:11 +0000|
|To:||bug-Perl-Dist-Strawberry [...] rt.cpan.org|
|From:||"Jun Hua Bie" <biejunh [...] cn.ibm.com>|
Hello Strawberry Perl bug team, We are using Strawberry Perl 22.214.171.124 and some CPAN modules on our application, according to company's security policy, we ran static code scanning for these open source code, but some security vulnerabilities are discovered during scanning. Ungrouped Missing Setuid (PrivilegeEscalation, CWE-266) 32 Ungrouped File Open Mode Is User Modifiable (AccessControl.Bypass, CWE-288) 4 For the details, please refer to following reporting: Do you have any solution to fix these security issues ? It is very urgent for us to fix these issues for our project, could you take it as high priority ? Thanks in advance ! Best Regards, Jun Hua Bie Senior IT Specialist Global Technical Service IBM Service Mobile: +86-138-2370-2390 mailto:email@example.com
Message body is not shown because sender requested not to inline it.