6 matches found
EUVD-2020-24270
Malware in sbrugna...
CVE-2024-13939
String::Compare::ConstantTime for Perl through 0.321 is vulnerable to timing attacks that allow an attacker to guess the length of a secret string. As stated in the documentation: "If the lengths of the strings are different, because equals returns false right away the size of the secret string m...
CVE-2024-13939 String::Compare::ConstantTime for Perl through 0.321 is vulnerable to timing attacks that allow an attacker to guess the length of a secret string
String::Compare::ConstantTime for Perl through 0.321 is vulnerable to timing attacks that allow an attacker to guess the length of a secret string. As stated in the documentation: "If the lengths of the strings are different, because equals returns false right away the size of the secret string m...
CVE-2024-13939
The connected Astra Linux bulletin cites a timing-attack vulnerability in the Mojolicious Perl component (secure_compare) and notes only versions after 1.74 are affected, aligning with CVE-2024-13939’s class of timing leaks. Fedora/Nessus entries confirm CVE-2024-13939 is addressed by updates to ...
CVE-2024-13939
String::Compare::ConstantTime for Perl through 0.321 is vulnerable to timing attacks that allow an attacker to guess the length of a secret string. As stated in the documentation: "If the lengths of the strings are different, because equals returns false right away the size of the secret string m...
ROS-20240603-02
A vulnerability in the Format Detection component of the Mojolicious module for Perl is related to errors in releasing resources. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of denial of service A vulnerability in the securecompare function of the...