MGASA-2026-0160 Updated perl-Catalyst-Plugin-Authentication package fixes a security vulnerability

The updated package fixes a security vulnerability: Catalyst::Plugin::Authentication versions through 0.10024 for Perl is susceptible to timing attacks. CVE-2026-5091...

Linux Distros Unpatched Vulnerability : CVE-2026-5091

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Catalyst::Plugin::Authentication versions through 0.10024 for Perl is susceptible to timing attacks. These versions use Perl's built-in eq comparison...

DEBIAN-CVE-2026-5091

Catalyst::Plugin::Authentication versions through 0.10024 for Perl is susceptible to timing attacks. These versions use Perl's built-in eq comparison. Discrepencies in timing could be used to guess the underlying hash or password...

UBUNTU-CVE-2026-5091

Catalyst::Plugin::Authentication versions through 0.10024 for Perl is susceptible to timing attacks. These versions use Perl's built-in eq comparison. Discrepencies in timing could be used to guess the underlying hash or password...

CVE-2026-5091

Catalyst::Plugin::Authentication versions through 0.10024 for Perl is susceptible to timing attacks. These versions use Perl's built-in eq comparison. Discrepencies in timing could be used to guess the underlying hash or password...

CVE-2026-5091

CVE-2026-5091 affects Catalyst::Plugin::Authentication up to version 0.10024 for Perl. The issue is a timing-attack vulnerability arising from using Perl’s built-in eq comparison, enabling an attacker with local access to distinguish timing differences and potentially infer the underlying hash or...

CVE-2026-5091 Catalyst::Plugin::Authentication versions through 0.10024 for Perl is susceptible to timing attacks

Catalyst::Plugin::Authentication versions through 0.10024 for Perl is susceptible to timing attacks. These versions use Perl's built-in eq comparison. Discrepencies in timing could be used to guess the underlying hash or password...

CVE-2025-5091

creationtimestamp| type| source ---|---|--- 2025-10-16 21:02:24+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3m3dnrjlblh2i 2025-10-17 21:02:23+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3m3g6afytja23...

Linux Distros Unpatched Vulnerability : CVE-2017-5091

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use after free in IndexedDB in Google Chrome prior to 60.0.3112.78 for Linux, Android, Windows, and Mac allowed a remote attacker to perform an out of bounds...

CVE-2010-5091

The setName function in filesystem/File.php in SilverStripe 2.3.x before 2.3.8 and 2.4.x before 2.4.1 allows remote authenticated users with CMS author privileges to execute arbitrary PHP code by changing the extension of an uploaded file...

CVE-2019-5091

An exploitable denial-of-service vulnerability exists in the Dicom-packet parsing functionality of LEADTOOLS libltdic.so version 20.0.2019.3.15. A specially crafted packet can cause an infinite loop, resulting in a denial of service. An attacker can send a packet to trigger this vulnerability...

WordPress SKT Addons for Elementor Plugin <= 2.0 is vulnerable to Cross Site Scripting (XSS)

Software SKT Addons for Elementor Type Plugin Vulnerable versions = 2.0 Fixed in 2.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-5091 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 81d64b5eccce Credits stealthcopter...

CVE-2019-5091

creationtimestamp| type| source ---|---|--- 2024-03-10 14:46:50+00:00| seen| https://t.me/ctinow/204274...

CVE-2023-5091

creationtimestamp| type| source ---|---|--- 2024-01-08 11:26:21+00:00| seen| https://t.me/ctinow/164287 2024-01-25 10:46:10+00:00| seen| https://t.me/ctinow/173371...

CVE-2023-5091

CVE-2023-5091 describes a Use-After-Free vulnerability in ARM Mali Valhall GPU Kernel Driver. The issue affects the Valhall GPU Kernel Driver versions from r37p0 through r40p0 and allows a local, non-privileged user to cause improper GPU processing operations to access memory that has already bee...

CVE-2023-5091 Mali GPU Kernel Driver allows improper GPU processing operations

Use After Free vulnerability in Arm Ltd Valhall GPU Kernel Driver allows a local non-privileged user to make improper GPU processing operations to gain access to already freed memory. This issue affects Valhall GPU Kernel Driver: from r37p0 through r40p0...

Rocky Linux 9 : kernel-rt (RLSA-2023:5091)

The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:5091 advisory. - A flaw that boot CPU could be vulnerable for the speculative execution behavior kind of attacks in the Linux kernel X86 CPU Power management options...

RHEL 9 : kernel-rt (RHSA-2023:5091)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:5091 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirement...

SUSE CVE-2017-5091

A use after free in IndexedDB in Google Chrome prior to 60.0.3112.78 for Linux, Android, Windows, and Mac allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page...

SUSE CVE-2018-5091

A use-after-free vulnerability can occur during WebRTC connections when interacting with the DTMF timers. This results in a potentially exploitable crash. This vulnerability affects Firefox ESR 52.6 and Firefox 58...