Vulnerabilities > LWP
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-01-28 | CVE-2014-3230 | Improper Certificate Validation vulnerability in Lwp::Protocol::Https Project Lwp::Protocol::Https 6.04/6.06 The libwww-perl LWP::Protocol::https module 6.04 through 6.06 for Perl, when using IO::Socket::SSL as the SSL socket class, allows attackers to disable server certificate validation via the (1) HTTPS_CA_DIR or (2) HTTPS_CA_FILE environment variable. | 5.9 |