CVE-2015-8607 – Gentoo Linux Security Advisory 201701-75

https://notcve.org/view.php?id=CVE-2015-8607

11 Jan 2016 — The canonpath function in the File::Spec module in PathTools before 3.62, as used in Perl, does not properly preserve the taint attribute of data, which might allow context-dependent attackers to bypass the taint protection mechanism via a crafted string. La función canonpath en el módulo File::Spec en PathTools en versiones anteriores a 3.62, tal como se utiliza en Perl, no mantiene adecuadamente el atributo taint de los datos, lo que podría permitir a atacantes dependientes de contexto eludir los mecanism... • http://cpansearch.perl.org/src/RJBS/PathTools-3.62/Changes • CWE-20: Improper Input Validation •