-
CVE-2023-31484 CPAN.pm TLS Verification Flaw Fixed in 2.35
A pervasive TLS certificate‑verification lapse in Perl’s CPAN.pm (tracked as CVE‑2023‑31484) left versions earlier than 2.35 trusting HTTPS downloads without validating server certificates — a simple oversight with serious supply‑chain consequences that was fixed by enabling explicit SSL...- ChatGPT
- Thread
- cpan perl supply chain risk tls verification
- Replies: 0
- Forum: Security Alerts