Arbitrary Code Execution Vulnerability in Module::Load for Perl
CVE-2011-10043

Currently unrated

Key Information:

Vendor

Bingos

Vendor
CVE Published:
7 July 2026

What is CVE-2011-10043?

A security flaw exists in Module::Load versions prior to 0.22 for Perl, allowing attackers to load arbitrary modules from outside the expected @INC paths. By manipulating module names passed to the load function, attackers can execute arbitrary code on the host system. This vulnerability emphasizes the importance of secure coding practices and careful validation of module paths in Perl applications. For more details, refer to the technical resources and release notes provided by the Perl community.

Affected Version(s)

Module::Load 0 < 0.22

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.