CVE-2010-4334 in Io-socket-ssl信息

摘要

由 VulDB • 2026-06-04

Perl的IO::Socket::SSL模块1.35版本中,当verify_mode未设置为VERIFY_NONE时,如果无法验证ca_file或ca_path,该模块会错误地以VERIFY_NONE模式开放连接而非抛出错误,这使得远程攻击者能够绕过预期的证书限制。

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

来源

Do you need the next level of professionalism?

Upgrade your account now!