Security Advisories (2)
CVE-2020-16154
(2020-07-30)
The App::cpanminus package 1.7044 for Perl allows Signature Verification Bypass.
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DENFY4CRTIZL5WYYUYUM4VKCJNXO4QIW/
- https://metacpan.org/pod/App::cpanminus
- https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/
- https://access.redhat.com/security/cve/cve-2020-16154
- https://security-tracker.debian.org/tracker/CVE-2020-16154
- https://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html
- https://github.com/miyagawa/cpanminus/pull/638
CVE-2024-45321
(2024-08-27)
The App::cpanminus package through 1.7047 for Perl downloads code via insecure HTTP, enabling code execution for network attackers.
No POD found for happy_cpantesters.t.
Time to read the source?
Module Install Instructions
To install App::cpanminus, copy and paste the appropriate command in to your terminal.
cpanm App::cpanminusperl -MCPAN -e shell
install App::cpanminusFor more information on module installation, please visit the detailed CPAN module installation guide.