14 matches found
Fedora 42 : perl-String-Compare-ConstantTime (2025-ce51c124a5)
The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-ce51c124a5 advisory. This release fixes CVE-2024-13939 leaking the length of a secret string Tenable has extracted the preceding description block directly from the Fedora securi...
Fedora: Security Advisory (FEDORA-2025-5d61874568)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory (FEDORA-2025-ce51c124a5)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory (FEDORA-2025-e6f5710dba)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 41 : perl-String-Compare-ConstantTime (2025-5d61874568)
The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-5d61874568 advisory. This release fixes CVE-2024-13939 leaking the length of a secret string Tenable has extracted the preceding description block directly from the Fedo...
Fedora 40 : perl-String-Compare-ConstantTime (2025-e6f5710dba)
The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-e6f5710dba advisory. This release fixes CVE-2024-13939 leaking the length of a secret string Tenable has extracted the preceding description block directly from the Fedo...
CVE-2024-13939
String::Compare::ConstantTime for Perl through 0.321 is vulnerable to timing attacks that allow an attacker to guess the length of a secret string. As stated in the documentation: "If the lengths of the strings are different, because equals returns false right away the size of the secret string m...
CVE-2024-13939
String::Compare::ConstantTime for Perl through 0.321 is vulnerable to timing attacks that allow an attacker to guess the length of a secret string. As stated in the documentation: "If the lengths of the strings are different, because equals returns false right away the size of the secret string m...
CVE-2024-13939
creationtimestamp| type| source ---|---|--- 2025-03-28 02:28:07+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/9252 2025-03-28 05:12:23+00:00| seen| https://t.me/cvedetector/21369...
CVE-2024-13939
The connected Astra Linux bulletin cites a timing-attack vulnerability in the Mojolicious Perl component (secure_compare) and notes only versions after 1.74 are affected, aligning with CVE-2024-13939’s class of timing leaks. Fedora/Nessus entries confirm CVE-2024-13939 is addressed by updates to ...
CVE-2024-13939
String::Compare::ConstantTime for Perl through 0.321 is vulnerable to timing attacks that allow an attacker to guess the length of a secret string. As stated in the documentation: "If the lengths of the strings are different, because equals returns false right away the size of the secret string m...
CVE-2024-13939 String::Compare::ConstantTime for Perl through 0.321 is vulnerable to timing attacks that allow an attacker to guess the length of a secret string
String::Compare::ConstantTime for Perl through 0.321 is vulnerable to timing attacks that allow an attacker to guess the length of a secret string. As stated in the documentation: "If the lengths of the strings are different, because equals returns false right away the size of the secret string m...
CVE-2024-13939 String::Compare::ConstantTime for Perl through 0.321 is vulnerable to timing attacks that allow an attacker to guess the length of a secret string
String::Compare::ConstantTime for Perl through 0.321 is vulnerable to timing attacks that allow an attacker to guess the length of a secret string. As stated in the documentation: "If the lengths of the strings are different, because equals returns false right away the size of the secret string m...
CVE-2024-13939
String::Compare::ConstantTime for Perl through 0.321 is vulnerable to timing attacks that allow an attacker to guess the length of a secret string. As stated in the documentation: "If the lengths of the strings are different, because equals returns false right away the size of the secret string m...