Huawei EulerOS: Security Advisory for perl-HTTP-Tiny (EulerOS-SA-2023-2625)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2023-31486

A vulnerability was found in Tiny, where a Perl core module and standalone CPAN package, does not verify TLS certificates by default. Users need to explicitly enable certificate verification with the verifySSL=1 flag to ensure secure HTTPS connections. This oversight can potentially expose...

CLSA-2023-1689701864 perl: Fix of CVE-2023-31486

CVE-2023-31486: add verifySSL=1 to HTTP::Tiny default configuration...

CLSA-2023-1689701433 perl: Fix of CVE-2023-31486

CVE-2023-31486: add verifySSL=1 to HTTP::Tiny default configuration...

CLSA-2023-1689700589 Fix CVE(s): CVE-2023-31486

SECURITY UPDATE: insecure default TLS configuration in HTTP::Tiny module - debian/patches/CVE-2023-31486.patch: add verifySSL=1 to HTTP::Tiny default configuration - CVE-2023-31486...

Fedora: Security Advisory for perl-CPAN (FEDORA-2023-46924e402a)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

OESA-2023-1400 perl security update

Perl 5 is a highly capable, feature-rich programming language with over 30 years of development. Perl 5 runs on over 100 platforms from portables to mainframes and is suitable for both rapid prototyping and large scale development projects. Security Fixes: HTTP::Tiny before 0.083, a Perl core...

Amazon Linux AMI : perl-HTTP-Tiny (ALAS-2023-1771)

The version of perl-HTTP-Tiny installed on the remote host is prior to 0.033-3.7. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1771 advisory. Warning has been added when HTTP::Tiny is used without verifyssl flag CVE-2023-31486 Tenable has extracted the preceding...

OESA-2023-1390 perl security update

A highly capable, feature-rich programming language. Security Fixes: HTTP::Tiny before 0.083, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates.CVE-2023-31486...

Amazon Linux 2 : perl-Pod-Perldoc (ALAS-2023-2094)

The version of perl-Pod-Perldoc installed on the remote host is prior to 3.20-4. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2094 advisory. HTTP::Tiny 0.082, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configurati...

Amazon Linux 2 : perl-HTTP-Tiny (ALAS-2023-2093)

The version of perl-HTTP-Tiny installed on the remote host is prior to 0.033-3. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2093 advisory. HTTP::Tiny 0.082, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuratio...

Amazon Linux 2023 : perl-HTTP-Tiny, perl-HTTP-Tiny-tests (ALAS2023-2023-216)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-216 advisory. HTTP::Tiny 0.082, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates. CVE-2023-31486 Tenable has...

Amazon Linux 2023 : perl, perl-Attribute-Handlers, perl-AutoLoader (ALAS2023-2023-218)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-218 advisory. HTTP::Tiny 0.082, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates. CVE-2023-31486 Tenable has...

Important: perl-HTTP-Tiny

Issue Overview: HTTP::Tiny 0.082, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates. CVE-2023-31486 Affected Packages: perl-HTTP-Tiny Issue Correction: Run dnf update perl-HTTP-Tiny --releasev...

Important: perl-Pod-Perldoc

Issue Overview: HTTP::Tiny 0.082, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates. CVE-2023-31486 Affected Packages: perl-Pod-Perldoc Issue Correction: Run dnf update perl-Pod-Perldoc...

Important: perl-Pod-Perldoc

Issue Overview: HTTP::Tiny 0.082, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates. CVE-2023-31486 Affected Packages: perl-Pod-Perldoc Note: This advisory is applicable to Amazon Linux 2 AL2...

Important: perl-HTTP-Tiny

Issue Overview: Warning has been added when HTTP::Tiny is used without verifyssl flag CVE-2023-31486 Affected Packages: perl-HTTP-Tiny Issue Correction: Run yum update perl-HTTP-Tiny or yum update --advisory ALAS-2023-1771 to update your system. New Packages: noarch: ...

HTTP::Tiny before 0.083 a Perl core module since 5.13.9 and available standalone on CPAN has an insecure default TLS configuration where users must opt in to verify certificates.

...

Important: perl-CPAN

Issue Overview: HTTP::Tiny 0.082, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates. CVE-2023-31484 Affected Packages: perl-CPAN Issue Correction: Run dnf update perl-CPAN --releasever...

Important: perl

Issue Overview: HTTP::Tiny 0.082, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates. CVE-2023-31484 Affected Packages: perl Issue Correction: Run yum update perl or yum update --advisory...