118 matches found
CVE-2026-9641
Crypt::PBKDF2 versions before 0.261630 for Perl have a weak default algorithm and number of iterations. The default algorithm is HMAC-SHA1, which should only be used for legacy systems. These versions default to using 1000 iterations. Depending on the chosen algorithm, 220,000 to 1,400,000...
Fedora 45 : perl-Crypt-DSA (2026-cf622b92d7)
The remote Fedora 45 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-cf622b92d7 advisory. Automatic update for perl-Crypt-DSA-1.21-1.fc45. Changelog Mon Jun 15 2026 Paul Howarth - 1.21-1 - Update to 1.21 - Fixed key material reuse for multiple...
Linux Distros Unpatched Vulnerability : CVE-2017-20240
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Crypt::PBKDF2 versions before 0.261630 for Perl are vulnerable to timing attacks. These versions use Perl's built-in eq comparison. Discrepancies in timing coul...
OPENSUSE-SU-2026:11000-1 perl-Crypt-PasswdMD5-1.430.0-1.1 on GA media
These are all security issues fixed in the perl-Crypt-PasswdMD5-1.430.0-1.1 package on the GA media of openSUSE Tumbleweed...
Amazon Linux 2023 : perl-Crypt-PasswdMD5 (ALAS2023-2026-1796)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1796 advisory. Crypt::PasswdMD5 versions through 1.42 for Perl generates insecure random values for salts. The built-in rand function is predictable, and unsuitable for cryptography. CVE-2026-6659 Tenable has extract...
Medium: perl-Crypt-PasswdMD5
Issue Overview: Crypt::PasswdMD5 versions through 1.42 for Perl generates insecure random values for salts. The built-in rand function is predictable, and unsuitable for cryptography. CVE-2026-6659 Affected Packages: perl-Crypt-PasswdMD5 Note: This advisory is applicable to Amazon Linux 2 AL2 Cor...
[SECURITY] Fedora 43 Update: perl-Crypt-Argon2-0.031-1.fc43
This module implements the Argon2 key derivation function, which is suitable to convert any password into a cryptographic key. This is most often used to for secure storage of passwords but can also be used to derive a encryption key from a password. It offers variable time and memory costs as we...
Fedora 44 : perl-Crypt-Argon2 / perl-Dist-Build / perl-ExtUtils-Builder / etc (2026-dafdad8fd3)
The remote Fedora 44 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2026-dafdad8fd3 advisory. Update to 0.031 2477035 2481131 fixes CVE-2026-8463 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note th...
CVE-2026-8647
A flaw was found in perl-Crypt-ScryptKDF. The randombytes function in versions through 0.010 uses an insecure random number source when no cryptographically secure pseudorandom number generator CSPRNG module is available. This occurs because the function falls back to using the built-in rand...
[SECURITY] Fedora 43 Update: perl-Crypt-PasswdMD5-1.4.3-1.fc43
This package provides MD5-based crypt functions...
[SECURITY] Fedora 44 Update: perl-Crypt-PasswdMD5-1.4.3-1.fc44
This package provides MD5-based crypt functions...
Fedora 43 : perl-Crypt-PasswdMD5 (2026-96c8ae7dbe)
The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-96c8ae7dbe advisory. This update uses a cryptographically strong random number source rather than perl's rand function to generate random salt values when required CVE-2026-6659...
Fedora 44 : perl-Crypt-PasswdMD5 (2026-30d86fe986)
The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-30d86fe986 advisory. This update uses a cryptographically strong random number source rather than perl's rand function to generate random salt values when required CVE-2026-6659...
[SECURITY] Fedora 43 Update: perl-Crypt-DSA-1.20-1.fc43
Crypt::DSA is an implementation of the DSA Digital Signature Algorithm signature verification system. This package provides DSA signing, signature verification, and key generation. DSA Digital Signature Algorithm signatures are no longer considered to be adequate for security. This module should...
[SECURITY] Fedora 42 Update: perl-Crypt-DSA-1.20-1.fc42
Crypt::DSA is an implementation of the DSA Digital Signature Algorithm signature verification system. This package provides DSA signing, signature verification, and key generation. DSA Digital Signature Algorithm signatures are no longer considered to be adequate for security. This module should...
Fedora 42 : perl-Crypt-DSA (2026-ffe3625a50)
The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-ffe3625a50 advisory. This update fixes a couple of security issues: Replace two arg open CVE-2026-8704 Replace rand with a cryptographically-secure source of random data...
Fedora 43 : perl-Crypt-DSA (2026-fdc100f74f)
The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-fdc100f74f advisory. This update fixes a couple of security issues: Replace two arg open CVE-2026-8704 Replace rand with a cryptographically-secure source of random data...
Fedora 45 : perl-Crypt-Argon2 / perl-Dist-Build / perl-ExtUtils-Builder / etc (2026-5d15cef372)
The remote Fedora 45 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2026-5d15cef372 advisory. Update perl-Crypt-Argon2 to 0.031 2477035 2481131 fixes CVE-2026-8463 Tenable has extracted the preceding description block directly from the Fedora security...
Fedora 44 : perl-Crypt-DSA (2026-cdcb20089b)
The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-cdcb20089b advisory. This update fixes a couple of security issues: Replace two arg open CVE-2026-8704 Replace rand with a cryptographically-secure source of random data...
OPENSUSE-SU-2026:10836-1 perl-Crypt-SaltedHash-0.110.0-1.1 on GA media
These are all security issues fixed in the perl-Crypt-SaltedHash-0.110.0-1.1 package on the GA media of openSUSE Tumbleweed...