Description
CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS.
Remediation
References
Related Vulnerabilities
WordPress Plugin Viper's Video Quicktags Unspecified Vulnerability (6.4.4)
WordPress Plugin YARPP-Yet Another Related Posts SQL Injection (5.30.2)
WordPress Plugin AccessPress Social Icons Multiple Cross-Site Scripting Vulnerabilities (1.5.5)
WordPress Plugin Wp Cookie Choice Cross-Site Request Forgery (1.1.0)
Oracle Application Server Other Vulnerability (CVE-2006-5361)