CVE-2026-47373

Sažetak

Crypt::SaltedHash versions through 0.09 for Perl is susceptible to timing attacks. These versions use Perl's built-in eq comparison. Discrepencies in timing could be used to guess the underlying hash.

Reference

https://github.com/robrwo/perl-Crypt-SaltedHash/commit/c07bfc5c23185b0667233d0f2e1252d81f1f027a.patch
https://metacpan.org/release/RRWO/Crypt-SaltedHash-0.10/changes
http://www.openwall.com/lists/oss-security/2026/05/20/21

CVSS

Base:	0.0
Impact:	None
Exploitability:	None

Pristup

Vektor	Složenost	Autentikacija
None	None	None

Impact

Povjerljivost	Cjelovitost	Dostupnost
None	None	None

CVSS vektor

None

Zadnje važnije ažuriranje

20-05-2026 - 23:16

Objavljeno

20-05-2026 - 21:16