Perl · Io::Socket::Ssl · CVE-2009-3024
Name of the Vulnerable Software and Affected Versions:
IO::Socket::SSL versions 1.14 through 1.25
Description:
The certificate checking feature in IO::Socket::SSL has an issue where the `verify hostname of cert` function only matches the prefix of a hostname when no wildcard is used. This allows remote attackers to bypass the hostname check for a certificate.
Recommendations:
For IO::Socket::SSL versions 1.14 through 1.25, consider updating to a version outside of this range to resolve the issue. As a temporary workaround, restrict the use of the `verify hostname of cert` function to minimize the risk of exploitation.