perl-HTTP-Tiny bug fix and enhancement update

An update is available for perl-HTTP-Tiny. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Lin...

perl: CPAN.pm does not verify TLS certificates when downloading distributions over HTTPS

A flaw was found in Perl's CPAN, which doesn't check TLS certificates when downloading content. This happens due to verifySSL missing when suing the HTTP::Tiny library during the connection. This may allow an attacker to inject into the network path and perform a Man-In-The-Middle attack, causing...

RHEL 7 : http-tiny (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - http-tiny: insecure TLS cert default CVE-2023-31486 Note that Nessus has not tested for this issue but has instead...

Security Bulletin: User Behavior Analytics application add on to IBM QRadar SIEM is vulnerable to using components with known vulnerabilities

Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. IBM has addressed these vulnerabilities with an update. Vulnerability Details CVEID:CVE-2023-41419 DESCRIPTION: Gevent could allow a remote attacker to gain...

perl-HTTP-Tiny bug fix update

An update is available for perl-HTTP-Tiny. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list HTTP::Tiny is a small and simple HTTP/1.1 client written in Perl. Bug...

CentOS 9 : perl-HTTP-Tiny-0.076-461.el9

The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the perl- HTTP-Tiny-0.076-461.el9 build changelog. - HTTP::Tiny before 0.083, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration whe...

Moderate: Red Hat Security Advisory: perl-HTTP-Tiny security update

An update for perl-HTTP-Tiny is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availab...

RHEL 8 : perl-HTTP-Tiny (RHSA-2024:0579)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:0579 advisory. HTTP::Tiny is a small and simple HTTP/1.1 client written in Perl. Security Fixes: http-tiny: insecure TLS cert default CVE-2023-31486 For more detail...

Moderate: Red Hat Security Advisory: perl-HTTP-Tiny security update

An update for perl-HTTP-Tiny is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availab...

RHEL 8 : perl-HTTP-Tiny (RHSA-2024:0422)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:0422 advisory. HTTP::Tiny is a small and simple HTTP/1.1 client written in Perl. Security Fixes: http-tiny: insecure TLS cert default CVE-2023-31486 For more detail...

EulerOS Virtualization 2.9.0 : perl-HTTP-Tiny (EulerOS-SA-2023-2994)

According to the versions of the perl-HTTP-Tiny package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - HTTP::Tiny before 0.083, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS...

EulerOS Virtualization 3.0.6.0 : perl (EulerOS-SA-2023-3442)

According to the versions of the perl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS. CVE-2023-31484 - HTTP::Tiny before...

EulerOS 2.0 SP11 : perl-HTTP-Tiny (EulerOS-SA-2023-2850)

According to the versions of the perl-HTTP-Tiny package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - HTTP::Tiny before 0.083, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration wher...

EulerOS Virtualization 2.10.0 : perl-HTTP-Tiny (EulerOS-SA-2023-2944)

According to the versions of the perl-HTTP-Tiny package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - HTTP::Tiny before 0.083, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS...

EulerOS 2.0 SP10 : perl (EulerOS-SA-2023-2819)

According to the versions of the perl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - HTTP::Tiny before 0.083, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users...

EulerOS Virtualization 2.10.1 : perl-HTTP-Tiny (EulerOS-SA-2023-2925)

According to the versions of the perl-HTTP-Tiny package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - HTTP::Tiny before 0.083, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS...

EulerOS 2.0 SP10 : perl-HTTP-Tiny (EulerOS-SA-2023-2820)

According to the versions of the perl-HTTP-Tiny package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - HTTP::Tiny before 0.083, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration wher...

EulerOS Virtualization 2.11.1 : perl-HTTP-Tiny (EulerOS-SA-2023-3061)

According to the versions of the perl-HTTP-Tiny package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - HTTP::Tiny before 0.083, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS...

EulerOS Virtualization 3.0.6.6 : perl-HTTP-Tiny (EulerOS-SA-2023-3411)

According to the versions of the perl-HTTP-Tiny package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - HTTP::Tiny before 0.083, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS...

EulerOS 2.0 SP11 : perl (EulerOS-SA-2023-2866)

According to the versions of the perl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - HTTP::Tiny before 0.083, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users...