Unrated severityNVD Advisory· Published Nov 29, 2019· Updated Aug 6, 2024
CVE-2015-3406
CVE-2015-3406
Description
The PGP signature parsing in Module::Signature before 0.74 allows remote attackers to cause the unsigned portion of a SIGNATURE file to be treated as the signed portion via unspecified vectors.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Module::Signature/Module::Signaturedescription
Patches
Vulnerability mechanics
References
5- ubuntu.com/usn/usn-2607-1mitrex_refsource_MISC
- www.openwall.com/lists/oss-security/2015/04/07/1mitrex_refsource_MISC
- www.openwall.com/lists/oss-security/2015/04/23/17mitrex_refsource_MISC
- github.com/audreyt/module-signature/commit/8a9164596fa5952d4fbcde5aa1c7d1c7bc85372fmitrex_refsource_MISC
- metacpan.org/changes/distribution/Module-Signaturemitrex_refsource_MISC
News mentions
0No linked articles in our index yet.