Io-Socket-Ssl: >> Io-Socket-Ssl >> 1.35 Security Vulnerabilities
The IO::Socket::SSL module 1.35 for Perl, when verify_mode is not VERIFY_NONE, fails open to VERIFY_NONE instead of throwing an error when a ca_file/ca_path cannot be verified, which allows remote attackers to bypass intended certificate restrictions.
CVSS Score
4.0
EPSS Score
0.006
Published
2011-01-14