Data/Dump/Streamer.pm line 1260.

    Data() interpolates $self->{style}{eclipsename}. This is probably
    not exploitable.

Net/SSL.pm line 261.

    Net::SSL::printf() is potentially exploitable.

Sniffer/Connection.pm line 101.

    handle_packet() might be unsafe.

DBI.pm line 1068.

    data_string_diff(), maybe, under some strange conditions involving
    utf8 strings.

DBI/PurePerl.pm line 650.

    FETCH() interpolates unrecognized attributes. This probably means
    the attribute name is exploitable. This requires a tied object and
    I'm not sure anything actually uses that. Is this even used?

AppConfig/State.pm line 723.

    The ->_error method interpolates all error messages. This is
    likely exploitable.

AppConfig/CGI.pm line 104.
AppConfig/File.pm line 99.

    I couldn't see where the input, $format comes from. I get the
    impression that the data has a reasonable default and is otherwise
    probably programmer controlled. I suspect this isn't exploitable.