[SECURITY] Fedora 44 Update: perl-Crypt-PasswdMD5-1.4.3-1.fc44

This package provides MD5-based crypt functions...

Fedora 44 : perl-Crypt-PasswdMD5 (2026-30d86fe986)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-30d86fe986 advisory. This update uses a cryptographically strong random number source rather than perl's rand function to generate random salt values when required CVE-2026-6659...

Fedora 43 : perl-Crypt-PasswdMD5 (2026-96c8ae7dbe)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-96c8ae7dbe advisory. This update uses a cryptographically strong random number source rather than perl's rand function to generate random salt values when required CVE-2026-6659...

[SECURITY] Fedora 43 Update: perl-Crypt-DSA-1.20-1.fc43

Crypt::DSA is an implementation of the DSA Digital Signature Algorithm signature verification system. This package provides DSA signing, signature verification, and key generation. DSA Digital Signature Algorithm signatures are no longer considered to be adequate for security. This module should...

[SECURITY] Fedora 42 Update: perl-Crypt-DSA-1.20-1.fc42

Crypt::DSA is an implementation of the DSA Digital Signature Algorithm signature verification system. This package provides DSA signing, signature verification, and key generation. DSA Digital Signature Algorithm signatures are no longer considered to be adequate for security. This module should...

Fedora 45 : perl-Crypt-Argon2 / perl-Dist-Build / perl-ExtUtils-Builder / etc (2026-5d15cef372)

The remote Fedora 45 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2026-5d15cef372 advisory. Update perl-Crypt-Argon2 to 0.031 2477035 2481131 fixes CVE-2026-8463 Tenable has extracted the preceding description block directly from the Fedora security...

Fedora 42 : perl-Crypt-DSA (2026-ffe3625a50)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-ffe3625a50 advisory. This update fixes a couple of security issues: Replace two arg open CVE-2026-8704 Replace rand with a cryptographically-secure source of random data...

Fedora 43 : perl-Crypt-DSA (2026-fdc100f74f)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-fdc100f74f advisory. This update fixes a couple of security issues: Replace two arg open CVE-2026-8704 Replace rand with a cryptographically-secure source of random data...

Fedora 44 : perl-Crypt-DSA (2026-cdcb20089b)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-cdcb20089b advisory. This update fixes a couple of security issues: Replace two arg open CVE-2026-8704 Replace rand with a cryptographically-secure source of random data...

CVE-2026-8647

Crypt::ScryptKDF versions through 0.010 for Perl uses insecure random number source when no CSPRNG module is available. The randombytes function fell back to using the built-in rand function when none of the Perl modules Crypt::PRNG, Crypt::OpenSSL::Random, Net::SSLeay, Crypt::Random, or...

CVE-2026-8647 Crypt::ScryptKDF versions through 0.010 for Perl uses insecure random number source when no CSPRNG module is available

Crypt::ScryptKDF versions through 0.010 for Perl uses insecure random number source when no CSPRNG module is available. The randombytes function fell back to using the built-in rand function when none of the Perl modules Crypt::PRNG, Crypt::OpenSSL::Random, Net::SSLeay, Crypt::Random, or...

EUVD-2026-32022

Crypt::ScryptKDF versions through 0.010 for Perl uses insecure random number source when no CSPRNG module is available. The randombytes function fell back to using the built-in rand function when none of the Perl modules Crypt::PRNG, Crypt::OpenSSL::Random, Net::SSLeay, Crypt::Random, or...

CVE-2026-8647 Crypt::ScryptKDF versions through 0.010 for Perl uses insecure random number source when no CSPRNG module is available

Crypt::ScryptKDF versions through 0.010 for Perl uses insecure random number source when no CSPRNG module is available. The randombytes function fell back to using the built-in rand function when none of the Perl modules Crypt::PRNG, Crypt::OpenSSL::Random, Net::SSLeay, Crypt::Random, or...

CVE-2026-8647

Crypt::ScryptKDF versions through 0.010 for Perl uses insecure random number source when no CSPRNG module is available. The randombytes function fell back to using the built-in rand function when none of the Perl modules Crypt::PRNG, Crypt::OpenSSL::Random, Net::SSLeay, Crypt::Random, or...

CVE-2026-8647

CVE-2026-8647 affects Crypt::ScryptKDF for Perl up to version 0.010. When no CSPRNG module is available, the random_bytes path falls back to Perl's built-in rand(), enabling insecure randomness in key derivation. The issue arises if Crypt::PRNG, Crypt::OpenSSL::Random, Net::SSLeay, Crypt::Random,...

Crypt::ScryptKDF 安全漏洞

Crypt::ScryptKDF is a Perl cryptography module developed by MIK’s individual developers. It supports Scrypt-based key derivation and cryptographic hash processing functions. Versions of Crypt::ScryptKDF prior to 0.010 contained security vulnerabilities, which stemmed from the use of insecure rand...

CVE-2026-8463

A flaw was found in Crypt::Argon2 for Perl. This vulnerability, a heap out-of-bounds read, occurs in the argon2verify function when processing an empty encoded input. An integer underflow causes the software to read beyond the allocated memory, which can lead to a denial of service DoS by crashin...

Fedora 45 : perl-Crypt-PasswdMD5 (2026-5f1dfcb5c8)

The remote Fedora 45 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-5f1dfcb5c8 advisory. Automatic update for perl-Crypt-PasswdMD5-1.4.3-1.fc45. Changelog Sat May 23 2026 Paul Howarth - 1.4.3-1 - Update to 1.43 - Replace use of the...

OESA-2026-2416 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free in cryptmessage when using async crypto The CVE-2024-50047 fix removed asynchronous crypto handling from cryptmessage, assuming a...

Linux Distros Unpatched Vulnerability : CVE-2026-47373

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Crypt::SaltedHash versions through 0.09 for Perl is susceptible to timing attacks. These versions use Perl's built-in eq comparison. Discrepencies in timing cou...