Lucene search
+L

11 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-8542

Malicious code in bioql PyPI...

7.5CVSS7.4AI score0.00345EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/22 5:9 p.m.11 views

CVE-2020-36829

The Mojolicious module before 8.65 for Perl is vulnerable to securecompare timing attacks that allow an attacker to guess the length of a secret string. Only versions after 1.74 are affected...

7.5CVSS6.7AI score0.00507EPSS
Exploits0
NVD
NVD
added 2025/03/28 3:15 a.m.13 views

CVE-2024-13939

String::Compare::ConstantTime for Perl through 0.321 is vulnerable to timing attacks that allow an attacker to guess the length of a secret string. As stated in the documentation: "If the lengths of the strings are different, because equals returns false right away the size of the secret string m...

7.5CVSS0.00345EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/03/28 2:5 a.m.18 views

CVE-2024-13939 String::Compare::ConstantTime for Perl through 0.321 is vulnerable to timing attacks that allow an attacker to guess the length of a secret string

String::Compare::ConstantTime for Perl through 0.321 is vulnerable to timing attacks that allow an attacker to guess the length of a secret string. As stated in the documentation: "If the lengths of the strings are different, because equals returns false right away the size of the secret string m...

0.00345EPSS
Exploits0References1
OSV
OSV
added 2025/03/28 2:5 a.m.10 views

CVE-2024-13939 String::Compare::ConstantTime for Perl through 0.321 is vulnerable to timing attacks that allow an attacker to guess the length of a secret string

String::Compare::ConstantTime for Perl through 0.321 is vulnerable to timing attacks that allow an attacker to guess the length of a secret string. As stated in the documentation: "If the lengths of the strings are different, because equals returns false right away the size of the secret string m...

7.5CVSS7AI score0.00345EPSS
Exploits0References5
Debian
Debian
added 2024/06/30 9:58 a.m.18 views

[SECURITY] [DLA 3846-1] libmojolicious-perl security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3846-1 [email protected] https://www.debian.org/lts/security/ Arturo Borrero Gonzalez June 28, 2024 https://wiki.debian.org/LTS -...

7.5CVSS6.3AI score0.00507EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/06/30 12:0 a.m.15 views

Debian dla-3846 : libmojolicious-perl - security update

The remote Debian 10 host has a package installed that is affected by a vulnerability as referenced in the dla-3846 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3846-1 [email protected] https://www.debian.org/lts/security/...

7.5CVSS7.1AI score0.00507EPSS
Exploits0References4
OSV
OSV
added 2024/05/10 11:7 a.m.4 views

OESA-2024-1518 perl-Mojolicious security update

Back in the early days of the web there was this wonderful Perl library called CGI, many people only learned Perl because of it. It was simple enough to get started without knowing much about the language and powerful enough to keep you going, learning by doing was much fun. While most of the...

7.5CVSS6.9AI score0.00549EPSS
Exploits1References3
UbuntuCve
UbuntuCve
added 2024/04/08 12:15 a.m.15 views

CVE-2020-36829

The Mojolicious module before 8.65 for Perl is vulnerable to securecompare timing attacks that allow an attacker to guess the length of a secret string. Only versions after 1.74 are affected...

7.5CVSS7.1AI score0.00507EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/04/07 12:0 a.m.45 views

CVE-2020-36829

The Mojolicious module before 8.65 for Perl is vulnerable to securecompare timing attacks that allow an attacker to guess the length of a secret string. Only versions after 1.74 are affected...

6.4AI score0.00507EPSS
Exploits0References3
CVE
CVE
added 2024/04/07 12:0 a.m.45 views

CVE-2020-36829

CVE-2020-36829 affects the Mojolicious Perl module prior to 8.65, with the secure_compare timing attack enabling an attacker to infer the length of a secret string (only versions after 1.74 are affected). Connected advisories confirm affected software and fixes: Debian LTS advisory DLA-3846-1 sta...

7.5CVSS6.7AI score0.00507EPSS
Exploits0References3
Rows per page
Query Builder