Skip to main content

Cpanpm

1 CVEs product

Monthly

CVE-2023-31484 HIGH POC PATCH This Week

CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

Information Disclosure Cpanpm Perl
NVD GitHub
CVSS 3.1
8.1
EPSS
1.5%
EPSS 2% CVSS 8.1
HIGH POC PATCH This Week

CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

Information Disclosure Cpanpm Perl
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy