We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2025-3051

Linux::Statm::Tiny for Perl allows untrusted code to be included from the current working directory



Description

Linux::Statm::Tiny for Perl before 0.0701 allows untrusted code from the current working directory ('.') to be loaded similar to CVE-2016-1238. If an attacker can place a malicious file in current working directory, it may be loaded instead of the intended file, potentially leading to arbitrary code execution. Linux::Statm::Tiny uses Mite to produce the affected code section due to CVE-2025-30672

Reserved 2025-03-31 | Published 2025-04-01 | Updated 2025-04-01 | Assigner CPANSec

Problem types

CWE-427 Uncontrolled Search Path Element

Product status

Default status
unaffected

Any version before 0.0701
affected

References

metacpan.org/release/RRWO/Linux-Statm-Tiny-0.0701/changes release-notes

metacpan.org/...y-0.0700/source/lib/Linux/Statm/Tiny/Mite.pm related

blogs.perl.org/...o/2016/11/what-happened-to-dot-in-inc.html related

cve.org (CVE-2025-3051)

nvd.nist.gov (CVE-2025-3051)

Download JSON

Share this page
https://cve.threatint.eu/CVE/CVE-2025-3051

Support options

Helpdesk Chat, Email, Knowledgebase
© Copyright 2025 THREATINT
Made in Cyprus with +
 System status
Find us on
Data Privacy
Terms of Use
Logo BSI Allianz für Cyber-Sicherheit
Error loading Crisp.chat. Please check your web content filter and browser plugins.