VYPR

IO::Socket::SSL

by Perl Foundation

CVEs (1)

  • CVE-2010-4334Jan 14, 2011
    risk 0.00cvss epss 0.02

    The IO::Socket::SSL module 1.35 for Perl, when verify_mode is not VERIFY_NONE, fails open to VERIFY_NONE instead of throwing an error when a ca_file/ca_path cannot be verified, which allows remote attackers to bypass intended certificate restrictions.