Security Advisory

CVE-2014-3230

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-01-28 15:05:37

Last updated 2024-08-06 10:35:57

Assigner redhat

State PUBLISHED

Description

The libwww-perl LWP::Protocol::https module 6.04 through 6.06 for Perl, when using IO::Socket::SSL as the SSL socket class, allows attackers to disable server certificate validation via the (1) HTTPS_CA_DIR or (2) HTTPS_CA_FILE environment variable.

← Browse all CVEs View on cve.org ↗