DEBIAN-CVE-2023-31486
- Source
- https://security-tracker.debian.org/tracker/CVE-2023-31486
- Import Source
- https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2023-31486.json
- JSON Data
- https://api.osv.dev/v1/vulns/DEBIAN-CVE-2023-31486
- Upstream
- Published
- 2023-04-29T00:15:09Z
- Modified
- 2025-09-30T05:18:47.858714Z
- Severity
-
- 8.1 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
HTTP::Tiny before 0.083, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates.
- References
Affected packages
Debian:11
perl
Package
- Name
- perl
- Purl
- pkg:deb/debian/perl?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
5.*
5.32.1-4
5.32.1-4+deb11u1
5.32.1-4+deb11u2
5.32.1-4+deb11u3
5.32.1-4+deb11u4
5.32.1-5
5.32.1-6
5.34.0~rc2-1
5.34.0-1
5.34.0-2
5.34.0-3
5.34.0-4
5.34.0-5
5.36.0-1
5.36.0-2
5.36.0-3
5.36.0-4
5.36.0-5
5.36.0-6
5.36.0-7
5.36.0-8
5.36.0-9
5.36.0-10
5.38.0~rc2-1
5.38.0-1
5.38.0-2
5.38.2-1
5.38.2-2
5.38.2-3
5.38.2-3.1
5.38.2-3.2
5.38.2-3.2+hurd.1
5.38.2-4
5.38.2-5
5.40.0~rc1-1
5.40.0-1
5.40.0-2
5.40.0-3
5.40.0-4
5.40.0-5
5.40.0-6
5.40.0-7
5.40.0-8
5.40.1-1
5.40.1-2
5.40.1-3
5.40.1-4
5.40.1-5
5.40.1-6
5.42.0-1
5.42.0-2
Debian:12
libhttp-tiny-perl
perl
Package
- Name
- perl
- Purl
- pkg:deb/debian/perl?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
5.*
5.36.0-7
5.36.0-7+deb12u1
5.36.0-7+deb12u2
5.36.0-7+deb12u3
5.36.0-8
5.36.0-9
5.36.0-10
5.38.0~rc2-1
5.38.0-1
5.38.0-2
5.38.2-1
5.38.2-2
5.38.2-3
5.38.2-3.1
5.38.2-3.2
5.38.2-3.2+hurd.1
5.38.2-4
5.38.2-5
5.40.0~rc1-1
5.40.0-1
5.40.0-2
5.40.0-3
5.40.0-4
5.40.0-5
5.40.0-6
5.40.0-7
5.40.0-8
5.40.1-1
5.40.1-2
5.40.1-3
5.40.1-4
5.40.1-5
5.40.1-6
5.42.0-1
5.42.0-2