Perl Locale::Maketext Module Two Code Injection Vulnerabilities
Locale::Maketext 1.23 is affected; other versions also may be affected.
Two vulnerabilities have been reported in Locale::Maketext module for Perl
Two vulnerabilities have been reported in Locale::Maketext module for Perl, which can be exploited by malicious users to compromise an application using the module.
The vulnerabilities are caused due to the "_compile()" function not properly sanitising input, which can be exploited to inject and execute arbitrary Perl code.
Remote attackers can exploit these issues to inject and run arbitrary Perl code in the context of the affected application.
Fixed in the GIT repository.