cpanminus is a script that obtains, unpacks, builds and installs modules from CPAN and does not perform any other operations. cpanminus suffers from a signature verification vulnerability that stems from packages not uniquely defining signature data. No detailed vulnerability details are currently available.