diff -up HTTP-Tiny-0.074/lib/HTTP/Tiny.pm.orig HTTP-Tiny-0.074/lib/HTTP/Tiny.pm
--- HTTP-Tiny-0.074/lib/HTTP/Tiny.pm.orig	2024-01-16 12:26:34.204388229 +0100
+++ HTTP-Tiny-0.074/lib/HTTP/Tiny.pm	2024-01-16 12:29:19.282808545 +0100
@@ -1778,12 +1778,16 @@ C<timeout> — Request timeout in second
 
 =item *
 
-C<verify_SSL> — A boolean that indicates whether to validate the SSL certificate of an C<https> — connection (default is false)
+C<verify_SSL> — A boolean that indicates whether to validate the SSL certificate of an C<https> — connection (default is true). Changed from false to true for CVE-2023-31486.
 
 =item *
 
 C<SSL_options> — A hashref of C<SSL_*> — options to pass through to L<IO::Socket::SSL>
 
+=item *
+
+C<$ENV{PERL_HTTP_TINY_SSL_INSECURE_BY_DEFAULT}> — Changes the default certificate verification behavior to not check server identity if set to 1. Only effective if C<verify_SSL> is not set. Added for CVE-2023-31486.
+
 =back
 
 Passing an explicit C<undef> for C<proxy>, C<http_proxy> or C<https_proxy> will