Jeremey James

**Name of the Vulnerable Software and Affected Versions** Perlbal versions prior to 1.70 **Description** A directory traversal issue exists in the serve request multiple function in lib/Perlbal/ClientHTTPBase.pm, allowing remote attackers to read arbitrary files in a parent directory via a directory traversal sequence in an unspecified parameter when concat get is enabled. **Recommendations** For versions prior to 1.70, update to version 1.70 or later to resolve the issue. As a temporary workaround, consider disabling the concat get feature until a patch is available. Restrict access to sensitive files and directories to minimize the risk of exploitation.