128 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-13758
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - CryptX versions before 0.088001 for Perl compare AEAD authentication tags in non-constant time in the streaming decryptdone path. The decryptdone$tag form...
DEBIAN-CVE-2026-13758
CryptX versions before 0.088001 for Perl compare AEAD authentication tags in non-constant time in the streaming decryptdone path. The decryptdone$tag form compares it against the computed tag with memNE memcmp != 0, which short-circuits on the first differing byte, so its run time depends on the...
CVE-2026-13758
CryptX versions before 0.088001 for Perl compare AEAD authentication tags in non-constant time in the streaming decryptdone path. The decryptdone$tag form compares it against the computed tag with memNE memcmp != 0, which short-circuits on the first differing byte, so its run time depends on the...
UBUNTU-CVE-2026-13758
CryptX versions before 0.088001 for Perl compare AEAD authentication tags in non-constant time in the streaming decryptdone path. The decryptdone$tag form compares it against the computed tag with memNE memcmp != 0, which short-circuits on the first differing byte, so its run time depends on the...
CVE-2026-13758 CryptX versions before 0.088_001 for Perl compare AEAD authentication tags in non-constant time in the streaming decrypt_done path
CryptX versions before 0.088001 for Perl compare AEAD authentication tags in non-constant time in the streaming decryptdone path. The decryptdone$tag form compares it against the computed tag with memNE memcmp != 0, which short-circuits on the first differing byte, so its run time depends on the...
CVE-2026-13758
CryptX versions before 0.088001 for Perl compare AEAD authentication tags in non-constant time in the streaming decryptdone path. The decryptdone$tag form compares it against the computed tag with memNE memcmp != 0, which short-circuits on the first differing byte, so its run time depends on the...
CVE-2026-13758
CVE-2026-13758 affects CryptX for Perl versions before 0.088_001. The vulnerability stems from a non-constant-time comparison of AEAD authentication tags in the streaming decrypt_done path, using memNE (memcmp() != 0). The run time varies with the number of matching leading bytes across all five ...
CVE-2026-13758
CryptX versions before 0.088001 for Perl compare AEAD authentication tags in non-constant time in the streaming decryptdone path. The decryptdone$tag form compares it against the computed tag with memNE memcmp != 0, which short-circuits on the first differing byte, so its run time depends on the...
openSUSE 16 Security Update : perl-CryptX (openSUSE-SU-2026:20936-1)
The remote openSUSE 16 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20936-1 advisory. Changes in perl-CryptX: - updated to 0.89.0 0.089 see /usr/share/doc/packages/perl-CryptX/Changes 0.089 2026-05-10 - new: Crypt::ASN1 - new:...
OPENSUSE-SU-2026:20936-1 Security update for perl-CryptX
This update for perl-CryptX fixes the following issues: Changes in perl-CryptX: - updated to 0.89.0 0.089 see /usr/share/doc/packages/perl-CryptX/Changes 0.089 2026-05-10 - new: Crypt::ASN1 - new: Crypt::AuthEnc::SIV - new: Crypt::AuthEnc::XChaCha20Poly1305 - new: Crypt::Cipher::SM4 - new:...
perl-CryptX-0.89.0-2.1 on GA media (moderate)
perl-CryptX-0.89.0-2.1 on GA media Announcement ID: openSUSE-SU-2026:10968-1 Rating: moderate Cross-References: CVE-2026-41565 Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can now be installed. Description: These are all security issues fixed in the...
OPENSUSE-SU-2026:10968-1 perl-CryptX-0.89.0-2.1 on GA media
These are all security issues fixed in the perl-CryptX-0.89.0-2.1 package on the GA media of openSUSE Tumbleweed...
[SECURITY] Fedora 43 Update: perl-CryptX-0.089-1.fc43
This Perl library provides a cryptography based on LibTomCrypt library...
Fedora 44 : perl-CryptX (2026-2158c96917)
The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-2158c96917 advisory. Fixes CVE-2026-41565 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for th...
Fedora 43 : perl-CryptX (2026-2ef4c0c642)
The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-2ef4c0c642 advisory. Fixes CVE-2026-41565 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for th...
SUSE CVE-2026-41565
CryptX versions before 0.088001 for Perl have a stack buffer overflow in four AEAD decryptverify helpers. The gcmdecryptverify, ccmdecryptverify, chacha20poly1305decryptverify and eaxdecryptverify XS routines copied the caller-supplied authentication tag into a fixed 144-byte stack buffer...
CVE-2026-41565
CryptX versions before 0.088001 for Perl have a stack buffer overflow in four AEAD decryptverify helpers. The gcmdecryptverify, ccmdecryptverify, chacha20poly1305decryptverify and eaxdecryptverify XS routines copied the caller-supplied authentication tag into a fixed 144-byte stack buffer...
Linux Distros Unpatched Vulnerability : CVE-2026-41565
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - CryptX versions before 0.088001 for Perl have a stack buffer overflow in four AEAD decryptverify helpers. The gcmdecryptverify, ccmdecryptverify,...
CVE-2026-41565
A flaw was found in perl-CryptX. A stack buffer overflow vulnerability exists in the AEAD Authenticated Encryption with Associated Data decryptverify helper routines. An attacker who can control the length of the authentication tag provided to these routines can cause a buffer overflow, potential...
CVE-2026-41565
CryptX versions before 0.088001 for Perl have a stack buffer overflow in four AEAD decryptverify helpers. The gcmdecryptverify, ccmdecryptverify, chacha20poly1305decryptverify and eaxdecryptverify XS routines copied the caller-supplied authentication tag into a fixed 144-byte stack buffer...