The Mojolicious module before 8.65 for Perl is vulnerable to secure_compare
timing attacks that allow an attacker to guess the length of a secret
string. Only versions after 1.74 are affected.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 18.04 | noarch | libmojolicious-perl | < any | UNKNOWN |
ubuntu | 20.04 | noarch | libmojolicious-perl | < any | UNKNOWN |
ubuntu | 16.04 | noarch | libmojolicious-perl | < any | UNKNOWN |