csaf2cusa/cusas/p/perl-HTTP-Tiny/perl-HTTP-Tiny-0.080-2_openEuler-SA-2023-1389.json

{
  "id": "openEuler-SA-2023-1389",
  "url": "https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2023-1389",
  "title": "An update for perl-HTTP-Tiny is now available for openEuler-20.03-LTS-SP1,openEuler-20.03-LTS-SP3,openEuler-22.03-LTS and openEuler-22.03-LTS-SP1",
  "severity": "Important",
  "description": "A small, simple, correct HTTP/1.1 client.\r\n\r\nSecurity Fix(es):\r\n\r\nHTTP::Tiny before 0.083, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates.(CVE-2023-31486)",
  "cves": [
    {
      "id": "CVE-2023-31486",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-31486",
      "severity": "Important"
    }
  ]
}