CPAN 2.28 allows for a signature verification bypass.
https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/ https://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html