File Modification Vulnerability in Crypt::DSA for Perl by TIMLEGGE
CVE-2026-8704

6.5MEDIUM

Key Information:

Vendor: Timlegge
Status: Crypt::dsa
Vendor: CVE Published:; 15 May 2026

What is CVE-2026-8704?

The Crypt::DSA module for Perl, specifically versions up to 1.19, contains a vulnerability that allows existing files to be modified due to the use of a 2-argument open function. This flaw can potentially lead to unauthorized file changes, posing a significant risk to the integrity of applications relying on this module. Users are advised to upgrade to the latest version to mitigate this issue.

Affected Version(s)

Crypt::DSA 0 <= 1.19

References

https://metacpan.org/release/TIMLEGGE/Crypt-DSA-1.20/changes

release-notes

https://metacpan.org/release/TIMLEGGE/Crypt-DSA-1.20/diff...

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 15, 2026
Vulnerability Reserved
May 15, 2026

CVE-2026-8704 Data

JSON

Timlegge

What is CVE-2026-8704?

Affected Version(s)

References

CVSS V3.1

Timeline