EulerOS 2.0 SP9 : perl (EulerOS-SA-2023-2594)

According to the versions of the perl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - HTTP::Tiny before 0.083, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users...

EulerOS 2.0 SP9 : perl-HTTP-Tiny (EulerOS-SA-2023-2595)

According to the versions of the perl-HTTP-Tiny package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - HTTP::Tiny before 0.083, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration wher...

Huawei EulerOS: Security Advisory for perl (EulerOS-SA-2023-2594)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for perl-HTTP-Tiny (EulerOS-SA-2023-2625)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2023-31486

A vulnerability was found in Tiny, where a Perl core module and standalone CPAN package, does not verify TLS certificates by default. Users need to explicitly enable certificate verification with the verifySSL=1 flag to ensure secure HTTPS connections. This oversight can potentially expose...

The vulnerability of the Perl programming language library HTTP::Tiny involves authentication process errors, which allow attackers to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the Perl programming language library HTTP::Tiny is related to errors in the TLS certificate authentication process. Exploiting this vulnerability allows an attacker to gain access to confidential data, compromise its integrity, and cause service failures...

CLSA-2023-1689701864 perl: Fix of CVE-2023-31486

CVE-2023-31486: add verifySSL=1 to HTTP::Tiny default configuration...

CLSA-2023-1689701433 perl: Fix of CVE-2023-31486

CVE-2023-31486: add verifySSL=1 to HTTP::Tiny default configuration...

CLSA-2023-1689700589 Fix CVE(s): CVE-2023-31486

SECURITY UPDATE: insecure default TLS configuration in HTTP::Tiny module - debian/patches/CVE-2023-31486.patch: add verifySSL=1 to HTTP::Tiny default configuration - CVE-2023-31486...

Fedora: Security Advisory for perl-CPAN (FEDORA-2023-46924e402a)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

OESA-2023-1400 perl security update

Perl 5 is a highly capable, feature-rich programming language with over 30 years of development. Perl 5 runs on over 100 platforms from portables to mainframes and is suitable for both rapid prototyping and large scale development projects. Security Fixes: HTTP::Tiny before 0.083, a Perl core...

Amazon Linux AMI : perl-HTTP-Tiny (ALAS-2023-1771)

The version of perl-HTTP-Tiny installed on the remote host is prior to 0.033-3.7. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1771 advisory. Warning has been added when HTTP::Tiny is used without verifyssl flag CVE-2023-31486 Tenable has extracted the preceding...

OESA-2023-1390 perl security update

A highly capable, feature-rich programming language. Security Fixes: HTTP::Tiny before 0.083, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates.CVE-2023-31486...

Amazon Linux 2 : perl-Pod-Perldoc (ALAS-2023-2094)

The version of perl-Pod-Perldoc installed on the remote host is prior to 3.20-4. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2094 advisory. HTTP::Tiny 0.082, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configurati...

Amazon Linux 2 : perl-HTTP-Tiny (ALAS-2023-2093)

The version of perl-HTTP-Tiny installed on the remote host is prior to 0.033-3. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2093 advisory. HTTP::Tiny 0.082, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuratio...

Amazon Linux 2023 : perl-HTTP-Tiny, perl-HTTP-Tiny-tests (ALAS2023-2023-216)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-216 advisory. HTTP::Tiny 0.082, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates. CVE-2023-31486 Tenable has...

Amazon Linux 2023 : perl, perl-Attribute-Handlers, perl-AutoLoader (ALAS2023-2023-218)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-218 advisory. HTTP::Tiny 0.082, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates. CVE-2023-31486 Tenable has...

Important: perl-HTTP-Tiny

Issue Overview: HTTP::Tiny 0.082, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates. CVE-2023-31486 Affected Packages: perl-HTTP-Tiny Issue Correction: Run dnf update perl-HTTP-Tiny --releasev...

Important: perl-Pod-Perldoc

Issue Overview: HTTP::Tiny 0.082, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates. CVE-2023-31486 Affected Packages: perl-Pod-Perldoc Note: This advisory is applicable to Amazon Linux 2 AL2...

Important: perl-Pod-Perldoc

Issue Overview: HTTP::Tiny 0.082, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates. CVE-2023-31486 Affected Packages: perl-Pod-Perldoc Issue Correction: Run dnf update perl-Pod-Perldoc...