CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS.
References
Configurations
History
21 Jun 2024, 19:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
07 Nov 2023, 04:14
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
02 Aug 2023, 15:28
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:* | |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BM6UW55CNFUTNGD5ZRKGUKKKFDJGMFHL/ - Third Party Advisory | |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LEGCEOKFJVBJ2QQ6S2H4NAEWTUERC7SB/ - Third Party Advisory | |
First Time |
Perl
Perl perl |
10 Jul 2023, 16:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
Information
Published : 2023-04-29 00:15
Updated : 2024-08-01 13:43
NVD link : CVE-2023-31484
Mitre link : CVE-2023-31484
CVE.ORG link : CVE-2023-31484
JSON object : View
Products Affected
cpanpm_project
- cpanpm
perl
- perl
CWE
CWE-295
Improper Certificate Validation