The DBD::mysql module through 4.043 for Perl uses the mysql_ssl=1 setting to mean that SSL is optional (even though this setting's documentation has a "your communication with the server will be. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Information Disclosure
Dbd Mysql
NVD
GitHub
CVSS 3.0
5.9
EPSS
0.3%