perl-plack: Plack::App::File does not prune trailing slashes (CVE-2014-5269)
Plack::App::File is prone to an information-disclosure vulnerability.
An attacker can exploit this issue to obtain sensitive information.
Successful exploits may lead to other attacks.
Versions prior to Plack::App::File 1.0031 are vulnerable.
References:
CONFIRM: http://seclists.org/oss-sec/2014/q3/384
CONFIRM: http://www.securityfocus.com/bid/69185/discuss
CONFIRM: https://security-tracker.debian.org/tracker/CVE-2014-5269
(from redmine: issue id 3326, created on 2014-08-27, closed on 2014-10-01)
- Relations:
- child #3327 (closed)
- child #3328 (closed)
- child #3329 (closed)
- child #3330 (closed)