{"uuid":"CPANSA-LWP-Protocol-https-2014-3230","url":"http://www.openwall.com/lists/oss-security/2014/05/04/1","title":"The libwww-perl LWP::Protocol::https module 6.04 through 6.06 for Perl, when using IO::Socket::SSL as the SSL socket class, allows attackers to disable server certificate validation via the (1) HTTPS_CA_DIR or (2) HTTPS_CA_FILE environment variable.","description":"The libwww-perl LWP::Protocol::https module 6.04 through 6.06 for Perl, when using IO::Socket::SSL as the SSL socket class, allows attackers to disable server certificate validation via the (1) HTTPS_CA_DIR or (2) HTTPS_CA_FILE environment variable.","origin":"CPANSA","severity":"MODERATE","published_at":"2020-01-28T00:00:00.000Z","withdrawn_at":null,"classification":null,"cvss_score":null,"cvss_vector":null,"references":["http://www.openwall.com/lists/oss-security/2014/05/04/1","http://www.openwall.com/lists/oss-security/2014/05/02/8","http://www.openwall.com/lists/oss-security/2014/05/06/8","https://github.com/libwww-perl/lwp-protocol-https/pull/14","https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=746579"],"source_kind":"cpansa","identifiers":["CPANSA-LWP-Protocol-https-2014-3230","CVE-2014-3230"],"repository_url":"https://github.com/libwww-perl/lwp-protocol-https","blast_radius":1.0,"created_at":"2026-05-22T09:42:38.787Z","updated_at":"2026-06-19T04:17:34.540Z","epss_percentage":null,"epss_percentile":null,"api_url":"https://advisories.ecosyste.ms/api/v1/advisories/CPANSA-LWP-Protocol-https-2014-3230","html_url":"https://advisories.ecosyste.ms/advisories/CPANSA-LWP-Protocol-https-2014-3230","packages":[{"ecosystem":"cpan","package_name":"LWP-Protocol-https","versions":[{"first_patched_version":"6.06","vulnerable_version_range":"\u003e= 6.04, \u003c= 6.06"}],"purl":null,"statistics":{"dependent_packages_count":408,"dependent_repos_count":0,"downloads":null,"downloads_period":null},"affected_versions":[],"unaffected_versions":[]}],"related_packages_url":"https://advisories.ecosyste.ms/api/v1/advisories/CPANSA-LWP-Protocol-https-2014-3230/related_packages","related_advisories":[]}