Remote Code Execution Vulnerability in Linux::Statm::Tiny by Perl
CVE-2025-3051

Currently unrated

Key Information:

Vendor

Rrwo

Status
Linux::statm::tiny
Vendor
CVE Published:
1 April 2025

What is CVE-2025-3051?

The Linux::Statm::Tiny module for Perl, prior to version 0.0701, is susceptible to a vulnerability that allows untrusted code from the current working directory to be loaded. An attacker could exploit this by placing a malicious file in the current directory, which may be loaded instead of the intended legitimate file. This could potentially result in arbitrary code execution, compromising the security of the system. The vulnerability arises through the improper handling of file loading mechanisms within the module.

Affected Version(s)

Linux::Statm::Tiny 0 < 0.0701

References

https://metacpan.org/release/RRWO/Linux-Statm-Tiny-0.0701...
release-notes
https://metacpan.org/release/RRWO/Linux-Statm-Tiny-0.0700...
related
https://blogs.perl.org/users/todd_rinaldo/2016/11/what-ha...
related

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.