CVE-2020-16156 – Ubuntu Security Notice USN-5689-2

https://notcve.org/view.php?id=CVE-2020-16156

13 Dec 2021 — CPAN 2.28 allows Signature Verification Bypass. CPAN versión 2.28, permite una Omisión de Verificación de Firmas USN-5689-1 fixed a vulnerability in Perl. This update provides the corresponding update for Ubuntu 22.10. It was discovered that Perl incorrectly handled certain signature verification. An remote attacker could possibly use this issue to bypass signature verification. • http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html • CWE-347: Improper Verification of Cryptographic Signature •