diff --git a/advisories/unreviewed/2026/05/GHSA-5cq6-9f97-wjwx/GHSA-5cq6-9f97-wjwx.json b/advisories/unreviewed/2026/05/GHSA-5cq6-9f97-wjwx/GHSA-5cq6-9f97-wjwx.json
index 46e975f91eed3..19c5d7d5ac1f3 100644
--- a/advisories/unreviewed/2026/05/GHSA-5cq6-9f97-wjwx/GHSA-5cq6-9f97-wjwx.json
+++ b/advisories/unreviewed/2026/05/GHSA-5cq6-9f97-wjwx/GHSA-5cq6-9f97-wjwx.json
@@ -1,14 +1,43 @@
 {
 "schema_version": "1.4.0",
 "id": "GHSA-5cq6-9f97-wjwx",
- "modified": "2026-05-16T03:31:27Z",
+ "modified": "2026-05-16T03:32:33Z",
 "published": "2026-05-16T00:31:11Z",
 "aliases": [
 "CVE-2026-8704"
 ],
- "details": "Crypt::DSA versions through 1.19 for Perl use 2-args open, allowing existing files to be modified.",
- "severity": [],
- "affected": [],
+ "summary": "Arbitrary File Modification in Crypt::DSA via 2-argument open()",
+ "details": "### Summary\nVersions of the `Crypt::DSA` module for Perl through 1.19 are vulnerable to arbitrary file modification. The vulnerability arises within `lib/Crypt/DSA/Key.pm` due to the use of the legacy, insecure 2-argument form of Perl's built-in `open()` function (e.g., `open FH, \"$filename\"`). \n\n### Impact\nWhen `Crypt::DSA` processes key file exports, reads, or writes using input paths derived from external or untrusted sources, an attacker can manipulate the path string to change how the filesystem handles the handle initialization. By supplying unexpected leading/trailing characters or pipeline indicators common to Perl's 2-argument `open` syntax, an attacker can overwrite, modify, or truncate arbitrary files on the local filesystem with permissions matching the executing process.\n\n### Remediation\nUpgrade the `Crypt::DSA` Perl module to version **1.20** or later. Version 1.20 patches this flaw by replacing all occurrences of the insecure 2-argument file open operations with the modern, secure 3-argument syntax (e.g., `open my $fh, '>', $filename`).",
+ "severity": [
+ {
+ "type": "CVSS_V3",
+ "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H"
+ }
+ ],
+ "affected": [
+ {
+ "package": {
+ "ecosystem": "Packagist",
+ "name": "Crypt::DSA"
+ },
+ "ranges": [
+ {
+ "type": "ECOSYSTEM",
+ "events": [
+ {
+ "introduced": "0"
+ },
+ {
+ "fixed": "= 1.20"
+ }
+ ]
+ }
+ ],
+ "database_specific": {
+ "last_known_affected_version_range": "<= 1.19"
+ }
+ }
+ ],
 "references": [
 {
 "type": "ADVISORY",
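Review bot: The `fixed` event added in the new `affected` range carries a comparator, `"fixed": "= 1.20"`, but OSV range events hold bare version strings, so a version matcher will either reject the record or fail to recognise 1.20 as fixed; it should read `"fixed": "1.20"`, matching the `"<= 1.19"` in `database_specific`. The package is also filed under `"ecosystem": "Packagist"`, which is the PHP Composer registry, while the details describe a Perl/CPAN module, so the record would map to a non-existent PHP package and never match Perl consumers; the ecosystem (and the name form, `Crypt::DSA` versus the CPAN distribution name) should follow whatever convention this database uses for CPAN. The CVSS vector's AV:N is hard to reconcile with details that describe modification of files on the local filesystem via an attacker-influenced path; and the "pipeline indicators" the text mentions are a `|` suffix to 2-argument open, which runs a command rather than merely modifying a file, so if that case is in scope the C:N metric understates impact. Both points are inferred from the hunk text alone and should be reconciled against the referenced advisory before the severity is published.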
@@ -31,7 +60,7 @@
 "cwe_ids": [
 "CWE-552"
 ],
- "severity": null,
+ "severity": "HIGH",
 "github_reviewed": false,
 "github_reviewed_at": null,
 "nvd_published_at": "2026-05-15T23:16:21Z"
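Review bot: The new `"severity": "HIGH"` is consistent with the CVSS:3.1 vector added in the first hunk (that vector scores 7.4), but the surrounding `"cwe_ids": ["CWE-552"]` is left untouched and CWE-552 (Files or Directories Accessible to External Parties) does not describe the flaw the advisory text now gives, a 2-argument `open()` on an attacker-influenced path. CWE-73 (External Control of File Name or Path) is the closer classification, with CWE-78 added if the pipe-to-command case mentioned in the details is in scope. This is a suggestion from the description alone; the CWE should be confirmed against the referenced advisory when the entry is reviewed.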