CVE-2020-16154

The App::cpanminus package 1.7044 for Perl allows Signature Verification Bypass.

Link	Resource
https://metacpan.org/pod/App::cpanminus	Product Third Party Advisory
https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/	Exploit Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DENFY4CRTIZL5WYYUYUM4VKCJNXO4QIW/	Mailing List Third Party Advisory

Configuration 1

cpe:2.3:a:app::cpanminus_project:app::cpanminus:1.7044:*:*:*:*:perl:*:* cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*

---

Published : 2021-12-13 05:15

Updated : 2022-03-01 08:04

---

NVD link : CVE-2020-16154

Mitre link : CVE-2020-16154

No products.

CWE-347

Improper Verification of Cryptographic Signature