VDB

DEBIAN-CVE-2023-31486

DEBIAN-CVE-2023-31486 PUBLISHED CVSS 8.100000381469727 HIGH

HTTP::Tiny before 0.083, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates.

Risk Scores

CVSS 3.1
8.100000381469727
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products

VendorProductVersions
Debian:13perl0, 0, 0
Debian:11perl5.32.1-4, 5.38.0-2, 5.38.0
Debian:12perl0, 5.38.2-5, 5.40.0-1
Debian:14perl0, 0, 0
Debian:12libhttp-tiny-perl0.090-1, 0.092-1, 0
Debian:14libhttp-tiny-perl0, 0, 0
Debian:13libhttp-tiny-perl0, 0, 0

Exploit Intelligence

Timeline

  • Apr 29, 2023 CVE Published
  • Apr 28, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›