HTTP::Tiny before 0.083, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates.
The product does not validate, or incorrectly validates, a certificate.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Http::tiny | Http::tiny_project | * | 0.083 (excluding) |
| Libhttp-tiny-perl | Ubuntu | bionic | * |
| Libhttp-tiny-perl | Ubuntu | devel | * |
| Libhttp-tiny-perl | Ubuntu | esm-apps/bionic | * |
| Libhttp-tiny-perl | Ubuntu | esm-apps/focal | * |
| Libhttp-tiny-perl | Ubuntu | esm-apps/jammy | * |
| Libhttp-tiny-perl | Ubuntu | esm-apps/xenial | * |
| Libhttp-tiny-perl | Ubuntu | focal | * |
| Libhttp-tiny-perl | Ubuntu | jammy | * |
| Libhttp-tiny-perl | Ubuntu | kinetic | * |
| Libhttp-tiny-perl | Ubuntu | lunar | * |
| Libhttp-tiny-perl | Ubuntu | trusty | * |
| Libhttp-tiny-perl | Ubuntu | upstream | * |
| Libhttp-tiny-perl | Ubuntu | xenial | * |
| Perl | Ubuntu | bionic | * |
| Perl | Ubuntu | devel | * |
| Perl | Ubuntu | esm-infra-legacy/trusty | * |
| Perl | Ubuntu | esm-infra/bionic | * |
| Perl | Ubuntu | esm-infra/xenial | * |
| Perl | Ubuntu | focal | * |
| Perl | Ubuntu | jammy | * |
| Perl | Ubuntu | kinetic | * |
| Perl | Ubuntu | lunar | * |
| Perl | Ubuntu | trusty | * |
| Perl | Ubuntu | trusty/esm | * |
| Perl | Ubuntu | upstream | * |
| Perl | Ubuntu | xenial | * |
| Red Hat Enterprise Linux 8 | RedHat | perl-HTTP-Tiny-0:0.074-2.el8 | * |
| Red Hat Enterprise Linux 8.6 Extended Update Support | RedHat | perl-HTTP-Tiny-0:0.074-1.el8_6.1 | * |
| Red Hat Enterprise Linux 8.8 Extended Update Support | RedHat | perl-HTTP-Tiny-0:0.074-1.el8_8.2 | * |
| Red Hat Enterprise Linux 9 | RedHat | perl-HTTP-Tiny-0:0.076-461.el9 | * |
| Red Hat Enterprise Linux 9.2 Extended Update Support | RedHat | perl-HTTP-Tiny-0:0.076-461.el9_2 | * |