RLSA-2024:10218

See a problem?
Please try reporting it to the source first.
Source
https://errata.rockylinux.org/RLSA-2024:10218
Import Source
https://storage.googleapis.com/resf-osv-data/RLSA-2024:10218.json
JSON Data
https://api.osv.dev/v1/vulns/RLSA-2024:10218
Related
Published
2025-03-17T20:16:49.937392Z
Modified
2025-03-17T20:19:18.210115Z
Summary
Moderate: perl-App-cpanminus security update
Details

Why? It's dependency free, requires zero configuration, and stands alone but it's maintainable and extensible with plug-ins and friendly to shell scripting. When running, it requires only 10 MB of RAM.

Security Fix(es):

  • perl-App-cpanminus: Insecure HTTP in App::cpanminus Allows Code Execution Vulnerability (CVE-2024-45321)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References
Credits
    • Rocky Enterprise Software Foundation
    • Red Hat

Affected packages

Rocky Linux:9 / perl-App-cpanminus

Package

Name
perl-App-cpanminus
Purl
pkg:rpm/rocky-linux/perl-App-cpanminus?distro=rocky-linux-9-x86-64&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:1.7044-14.1.el9_5