Msrc Cbl2 Perl 5.34.1-489 On Cbl Mariner 2.0 vulnerabilities

CVE-2023-47100 [HIGH] CWE-755 In Perl before 5.38.2, S_parse_uniprop_string in regcomp.c can write to unallocated space because a property name associated with a \p{...} regular expression construct is mishandled. The earliest aff In Perl before 5.38.2, S_parse_uniprop_string in regcomp.c can write to unallocated space because a property name associated with a \p{...} regular expression construct is mishandled. The earliest affected version is 5.30.0. FAQ: Is Azure Linux the only Microsoft prod

CVE-2023-31486 [HIGH] CWE-295 HTTP::Tiny before 0.083 a Perl core module since 5.13.9 and available standalone on CPAN has an insecure default TLS configuration where users must opt in to verify certificates. HTTP::Tiny before 0.083 a Perl core module since 5.13.9 and available standalone on CPAN has an insecure default TLS configuration where users must opt in to verify certificates. FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentia

CVE-2023-31484 [HIGH] CWE-295 CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS. CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS. FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with th