/

CVE-2023-31484 Report - Details, Severity, & Advisorie...

CVE-2023-31484 Report - Details, Severity, & Advisories

Twingate Team

Jul 4, 2024

What is CVE-2023-31484?

CVE-2023-31484 is a high-severity vulnerability affecting CPAN.pm before version 2.35 and Perl before version 5.38.0. This vulnerability occurs due to a lack of TLS certificate verification when downloading distributions over HTTPS, potentially exposing systems to security risks. Users of these older versions should take precautions to mitigate the impact of this vulnerability.

Who is impacted by CVE-2023-31484?

CVE-2023-31484 affects users of CPAN.pm before version 2.35 and Perl before version 5.38.0. Systems using these older versions are at risk due to a lack of TLS certificate verification when downloading distributions over HTTPS. Users should be aware of this issue and take steps to protect their systems.

What to do if CVE-2023-31484 affected you

If you're affected by the CVE-2023-31484 vulnerability, it's crucial to take action to protect your system. Follow these simple steps:

  1. Ensure you're using HTTPS for secure communication.

  2. Validate the hostname when connecting to a server.

  3. Update to CPAN.pm version 2.35 or later and Perl version 5.38.0 or later.

  4. Stay informed about updates and patches provided by developers.

Is in CISA’s Known Exploited Vulnerabilities Catalog?

The CVE-2023-31484 vulnerability is not listed in CISA's Known Exploited Vulnerabilities Catalog. This high-severity issue, affecting CPAN.pm before version 2.35 and Perl before version 5.38.0, was published on April 28, 2023.

Weakness Enumeration

The weakness enumeration for this vulnerability is categorized as CWE-295, which involves improper certificate validation, affecting CPAN.pm and Perl.

Learn More

For a comprehensive understanding of this vulnerability, refer to the NVD page and the resources listed below.

Rapidly implement a modern Zero Trust network that is more secure and maintainable than VPNs.

/

CVE-2023-31484 Report - Details, Severity, & Advisorie...

CVE-2023-31484 Report - Details, Severity, & Advisories

Twingate Team

Jul 4, 2024

What is CVE-2023-31484?

CVE-2023-31484 is a high-severity vulnerability affecting CPAN.pm before version 2.35 and Perl before version 5.38.0. This vulnerability occurs due to a lack of TLS certificate verification when downloading distributions over HTTPS, potentially exposing systems to security risks. Users of these older versions should take precautions to mitigate the impact of this vulnerability.

Who is impacted by CVE-2023-31484?

CVE-2023-31484 affects users of CPAN.pm before version 2.35 and Perl before version 5.38.0. Systems using these older versions are at risk due to a lack of TLS certificate verification when downloading distributions over HTTPS. Users should be aware of this issue and take steps to protect their systems.

What to do if CVE-2023-31484 affected you

If you're affected by the CVE-2023-31484 vulnerability, it's crucial to take action to protect your system. Follow these simple steps:

  1. Ensure you're using HTTPS for secure communication.

  2. Validate the hostname when connecting to a server.

  3. Update to CPAN.pm version 2.35 or later and Perl version 5.38.0 or later.

  4. Stay informed about updates and patches provided by developers.

Is in CISA’s Known Exploited Vulnerabilities Catalog?

The CVE-2023-31484 vulnerability is not listed in CISA's Known Exploited Vulnerabilities Catalog. This high-severity issue, affecting CPAN.pm before version 2.35 and Perl before version 5.38.0, was published on April 28, 2023.

Weakness Enumeration

The weakness enumeration for this vulnerability is categorized as CWE-295, which involves improper certificate validation, affecting CPAN.pm and Perl.

Learn More

For a comprehensive understanding of this vulnerability, refer to the NVD page and the resources listed below.

Rapidly implement a modern Zero Trust network that is more secure and maintainable than VPNs.

CVE-2023-31484 Report - Details, Severity, & Advisories

Twingate Team

Jul 4, 2024

What is CVE-2023-31484?

CVE-2023-31484 is a high-severity vulnerability affecting CPAN.pm before version 2.35 and Perl before version 5.38.0. This vulnerability occurs due to a lack of TLS certificate verification when downloading distributions over HTTPS, potentially exposing systems to security risks. Users of these older versions should take precautions to mitigate the impact of this vulnerability.

Who is impacted by CVE-2023-31484?

CVE-2023-31484 affects users of CPAN.pm before version 2.35 and Perl before version 5.38.0. Systems using these older versions are at risk due to a lack of TLS certificate verification when downloading distributions over HTTPS. Users should be aware of this issue and take steps to protect their systems.

What to do if CVE-2023-31484 affected you

If you're affected by the CVE-2023-31484 vulnerability, it's crucial to take action to protect your system. Follow these simple steps:

  1. Ensure you're using HTTPS for secure communication.

  2. Validate the hostname when connecting to a server.

  3. Update to CPAN.pm version 2.35 or later and Perl version 5.38.0 or later.

  4. Stay informed about updates and patches provided by developers.

Is in CISA’s Known Exploited Vulnerabilities Catalog?

The CVE-2023-31484 vulnerability is not listed in CISA's Known Exploited Vulnerabilities Catalog. This high-severity issue, affecting CPAN.pm before version 2.35 and Perl before version 5.38.0, was published on April 28, 2023.

Weakness Enumeration

The weakness enumeration for this vulnerability is categorized as CWE-295, which involves improper certificate validation, affecting CPAN.pm and Perl.

Learn More

For a comprehensive understanding of this vulnerability, refer to the NVD page and the resources listed below.