The XSLoader::load method in XSLoader in Perl does not properly locate .so files when called in a string eval, which might allow local users to execute arbitrary code via a Trojan horse library under the current working directory.
| Product | Vendor | Version |
|---|---|---|
| n/a | n/a | >= 8.0, < 8.1 |