29 matches found
Moderate: Red Hat Security Advisory: perl security update
An update for perl is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...
ROS-20240806-12
Vulnerability of CPAN.pm component of Perl programming language is related to errors in the procedure of TLS certificate authentication. of TLS certificate authentication. Exploitation of the vulnerability could allow an attacker acting remotely, gain access to confidential data, compromise its...
Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a man-in-the-middle attack in CPAN.pm [CVE-2023-31484]
Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a man-in-the-middle attack in CPAN.pm, caused by improper validation of TLS certificates when downloading distributions over HTTPS. CVE-2023-31484. CPAN.pm is used as a component of our Speech runtimes. This...
Security Bulletin: User Behavior Analytics application add on to IBM QRadar SIEM is vulnerable to using components with known vulnerabilities
Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. IBM has addressed these vulnerabilities with an update. Vulnerability Details CVEID:CVE-2023-31484 DESCRIPTION: CPAN.pm is vulnerable to a man-in-the-middle...
EulerOS Virtualization 3.0.6.0 : perl (EulerOS-SA-2023-3442)
According to the versions of the perl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS. CVE-2023-31484 - HTTP::Tiny before...
EulerOS 2.0 SP9 : perl (EulerOS-SA-2023-2904)
According to the versions of the perl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS. CVE-2023-31484 Note that Tenable Network Security...
EulerOS Virtualization 2.9.0 : perl (EulerOS-SA-2023-3105)
According to the versions of the perl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS. CVE-2023-31484 Note that Tenable...
EulerOS 2.0 SP8 : perl (EulerOS-SA-2023-3142)
According to the versions of the perl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS. CVE-2023-31484 - HTTP::Tiny before 0.083, a Perl...
EulerOS Virtualization 2.9.1 : perl (EulerOS-SA-2023-3091)
According to the versions of the perl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS. CVE-2023-31484 Note that Tenable...
Improper Certificate Validation
CPAN.pm is vulnerable to Improper Certificate Validation. The vulnerability is caused due to not verifying TLS certificates when downloading distributions over HTTPS because verifyssl is missing when using HTTP::Tiny library during the connection. This can allow an attacker to inject into the...
Huawei EulerOS: Security Advisory for perl (EulerOS-SA-2023-3442)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for perl (EulerOS-SA-2023-3142)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for perl (EulerOS-SA-2023-3091)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for perl (EulerOS-SA-2023-2768)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for perl (EulerOS-SA-2023-2661)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization 2.10.1 : perl (EulerOS-SA-2023-2547)
According to the versions of the perl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS. CVE-2023-31484 Note that Tenable...
EulerOS 2.0 SP10 : perl (EulerOS-SA-2023-2364)
According to the versions of the perl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS. CVE-2023-31484 Note that Tenable Network Security...
Huawei EulerOS: Security Advisory for perl (EulerOS-SA-2023-2390)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Amazon Linux AMI : perl (ALAS-2023-1751)
The version of perl installed on the remote host is prior to 5.16.3-294.44. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1751 advisory. HTTP::Tiny 0.082, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration whe...
Amazon Linux 2023 : perl, perl-Attribute-Handlers, perl-AutoLoader (ALAS2023-2023-178)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-178 advisory. HTTP::Tiny 0.082, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates. CVE-2023-31484 Tenable has...