5 matches found
http-tiny: perl: insecure TLS cert default
A vulnerability was found in Tiny, where a Perl core module and standalone CPAN package, does not verify TLS certificates by default. Users need to explicitly enable certificate verification with the verifySSL=1 flag to ensure secure HTTPS connections. This oversight can potentially expose...
CLSA-2023-1698312967 perl: Fix of CVE-2023-31484
CVE-2023-31484: add verifySSL=1 to HTTP::Tiny to verify https server identity...
CLSA-2023-1689701864 perl: Fix of CVE-2023-31486
CVE-2023-31486: add verifySSL=1 to HTTP::Tiny default configuration...
CLSA-2023-1689701433 perl: Fix of CVE-2023-31486
CVE-2023-31486: add verifySSL=1 to HTTP::Tiny default configuration...
CLSA-2023-1689700476 Fix CVE(s): CVE-2023-31486
SECURITY UPDATE: insecure default TLS configuration in HTTP::Tiny module - debian/patches/CVE-2023-31486.patch: add verifySSL=1 to HTTP::Tiny default configuration - CVE-2023-31486...