CVE-2025-30673

Published Apr 1, 2025

Last updated 4 days ago

CVSS medium 6.5

Overview

Description
Sub::HandlesVia for Perl before 0.050002 allows untrusted code from the current working directory ('.') to be loaded similar to CVE-2016-1238. If an attacker can place a malicious file in current working directory, it may be loaded instead of the intended file, potentially leading to arbitrary code execution. Sub::HandlesVia uses Mite to produce the affected code section due to CVE-2025-30672
Source
9b29abf9-4ab0-4765-b253-1875cd9b441e
NVD status
Awaiting Analysis

Risk scores

CVSS 3.1

Type
Secondary
Base score
6.5
Impact score
2.5
Exploitability score
3.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Severity
MEDIUM

Weaknesses

9b29abf9-4ab0-4765-b253-1875cd9b441e
CWE-427

Social media

Hype score
Not currently trending

  1. CVE-2025-30673 Sub::HandlesVia for Perl before 0.050002 allows untrusted code from the current working directory ('.') to be loaded similar to CVE-2016-1238. If an attacker can pla… https://t.co/Pb3GU2KfLy

    @CVEnew

    1 Apr 2025

    212 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References