Описание
HTTP::Tiny before 0.083, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates.
Ссылки
- Mailing ListPatch
- Mailing ListPatch
- Mailing List
- Mailing ListThird Party Advisory
- MitigationPatchThird Party Advisory
- Patch
- Product
- Mailing ListPatch
- Mailing ListThird Party Advisory
- Issue Tracking
- Mailing ListPatch
- Mailing ListPatch
- Mailing List
- Mailing ListThird Party Advisory
- MitigationPatchThird Party Advisory
- Patch
- Product
- Mailing ListPatch
- Mailing ListThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 0.083 (исключая)
cpe:2.3:a:http\:\:tiny_project:http\:\:tiny:*:*:*:*:*:*:*:*
Конфигурация 2Версия до 5.38.0 (исключая)
cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*
EPSS
Процентиль: 63%
0.00448
Низкий
8.1 High
CVSS3
Дефекты
CWE-295
CWE-295
Связанные уязвимости
CVSS3: 8.1
ubuntu
больше 2 лет назад
HTTP::Tiny before 0.083, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates.
CVSS3: 8.1
redhat
больше 2 лет назад
HTTP::Tiny before 0.083, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates.
CVSS3: 8.1
debian
больше 2 лет назад
HTTP::Tiny before 0.083, a Perl core module since 5.13.9 and available ...
EPSS
Процентиль: 63%
0.00448
Низкий
8.1 High
CVSS3
Дефекты
CWE-295
CWE-295