CPAN · Config::IniFiles · CVE-2026-11527
**Name of the Vulnerable Software and Affected Versions**
Config::IniFiles versions prior to 3.001000
**Description**
OS command injection and file overwrite are possible through the `_make_filehandle` function. This occurs because the function uses Perl's 2-arg `open()` to process the `-file` argument, and 2-arg `open()` parses the mode out of the filename itself. If a filename begins or ends with a pipe (e.g., "| cmd", "cmd |") or starts with a redirect (e.g., "> path", ">> path"), it is executed as a command or treated as a redirect instead of being opened as a file. This allows any caller forwarding untrusted input to the `-file` argument to execute arbitrary commands or truncate files under the process UID. In-memory scalar references used with the `-file` argument are not affected.
**Recommendations**
Update to version 3.001000 or later.
Avoid passing untrusted input to the `-file` argument in the `new()` function.
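The following is an added example, not code from Config::IniFiles or from the advisory, showing how a caller can keep an untrusted filename away from 2-arg `open()` semantics: a 3-arg `open()` with a fixed `'<'` mode never parses the name for pipes or redirects, and a boundary check rejects the filename shapes named above before they reach the module at all. The function names `is_unsafe_filename` and `open_ini_read_only` and the sample filenames are assumptions made for this illustration.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Reject the filename shapes the advisory describes: a leading or trailing
# pipe, or a leading redirect. Surrounding whitespace is stripped first
# because 2-arg open() ignores it when it parses the mode out of the name.
sub is_unsafe_filename {
    my ($name) = @_;
    return 1 unless defined $name;
    my $trimmed = $name;
    $trimmed =~ s/^\s+|\s+$//g;
    return 1 if $trimmed =~ /^\|/;       # "| cmd"  -> read from a command
    return 1 if $trimmed =~ /\|$/;       # "cmd |"  -> write to a command
    return 1 if $trimmed =~ /^>{1,2}/;   # "> path", ">> path" -> truncate/append
    return 1 if $trimmed =~ /^[<+]/;     # other explicit 2-arg modes
    return 0;
}

# Read-only open via 3-arg open(). The mode is the literal '<', so the
# filename is taken verbatim; contrast the 2-arg form the advisory
# describes, open(my $fh, $path), which would interpret the name.
sub open_ini_read_only {
    my ($path) = @_;
    die "refusing to open '$path': looks like a pipe or redirect\n"
        if is_unsafe_filename($path);
    open(my $fh, '<', $path) or die "cannot open '$path': $!\n";
    return $fh;
}

# Constructed sample inputs for the check; nothing here is actually opened.
my @samples = ('settings.ini', '| id', 'id |', '> /tmp/x', '>> /tmp/x', '  | id');
for my $s (@samples) {
    printf "%-14s %s\n", "'$s'", is_unsafe_filename($s) ? 'rejected' : 'accepted';
}
```

Running the script prints `accepted` for `settings.ini` and `rejected` for the five pipe and redirect forms. The check is a boundary control for callers that forward user-supplied paths; the actual fix remains updating to 3.001000 or later, which addresses the `open()` call inside the module itself.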