Vulnerability CVE-2022-36564 #126
-
|
Hi, Is the vulnerability report below relevant to this distribution please, i.e. is this the right discussion thread to enquire about it? https://nvd.nist.gov/vuln/detail/CVE-2022-36564 Thanks, |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment 2 replies
-
|
Save the click: |
Beta Was this translation helpful? Give feedback.
-
|
Site links to a no-longer-existing page on a random person's GitHub account. They updated the link to here: https://github.com/ycdxsb/Vuln/blob/main/CVE-2022-36564/CVE-2022-36564.md which provides zero information other than |
Beta Was this translation helpful? Give feedback.
-
|
Thanks, I did wonder about the quality of the report, especially because there are some almost identically worded ones "Incorrect access control in the install directory..." for other products. CVE-2022-36562 Rubyinstaller2 v3.1.2 Unfortunately a customer is using what they desribe as an "App Locker" that is now blocking perl, perhaps on an blunt "CVE X applies to product Y version Z" basis. I will go back to the customer and suggest that their "App Locker" has no reason to block perl, given the quality of the report. Regards, |
Beta Was this translation helpful? Give feedback.
Site links to a no-longer-existing page on a random person's GitHub account. They updated the link to here: https://github.com/ycdxsb/Vuln/blob/main/CVE-2022-36564/CVE-2022-36564.md which provides zero information other than
Incorrect access control in the install directory (C:\Strawberry) of StrawberryPerl v5.32.1.1 and below allows authenticated attackers to execute arbitrary code via overwriting binaries located in the directory.