Description
CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS.
Remediation
References
Related Vulnerabilities
Joomla Other Vulnerability (CVE-2006-1028)
WordPress Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2014-5204)
TwistedHTTP Request Splitting Vulnerability (CVE-2020-10108)
WordPress Plugin Complianz-GDPR/CCPA Cookie Consent Cross-Site Scripting (6.4.1)
XWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-40177)