CVE-2010-1168

Name of the Vulnerable Software and Affected Versions Safe module versions prior to 2.25

Description The issue allows context-dependent attackers to bypass intended access restrictions, specifically those imposed by Safe::reval and Safe::rdo, and inject and execute arbitrary code. This can be achieved through vectors involving implicitly called methods, such as DESTROY and AUTOLOAD, and implicitly blessed objects, which are related to "automagic methods."

Recommendations For versions prior to 2.25, update to version 2.25 or later to resolve the issue. As a temporary workaround, consider restricting the use of implicitly called methods, such as DESTROY and AUTOLOAD, until a patch is available.