File-Find-Rule: Shell Injection A vulnerability has been discovered in File-Find-Rule, which can lead to shell injection. File-Find-Rule 2025-06-12 2025-06-12 957182 local and remote 0.350.0 0.350.0

File-Find-Rule is an alternative interface to File::Find.

File-Find-Rule uses the legacy '2-arg' open() call which is susceptible to shell injection via malicious filenames.

Shell injection may be used to execute arbitrary code using a malicious filename.

There is no known workaround at this time.

All File-Find-Rule users should upgrade to the latest version:

# emerge --sync # emerge --ask --oneshot --verbose ">=dev-perl/File-Find-Rule-0.350.0" CVE-2011-10007 sam graaff