Vulnerabilities > LWP

DATE CVE VULNERABILITY TITLE RISK
2020-01-28 CVE-2014-3230 Improper Certificate Validation vulnerability in Lwp::Protocol::Https Project Lwp::Protocol::Https 6.04/6.06
The libwww-perl LWP::Protocol::https module 6.04 through 6.06 for Perl, when using IO::Socket::SSL as the SSL socket class, allows attackers to disable server certificate validation via the (1) HTTPS_CA_DIR or (2) HTTPS_CA_FILE environment variable.
network
lwp CWE-295
4.3