Crypt::SecretBuffer versions before 0.019 for Perl are susceptible to timing attacks.
For example, if Crypt::SecretBuffer was used to store and compare plaintext passwords, then discrepancies in timi
Crypt::SaltedHash versions through 0.09 for Perl are susceptible to timing attacks.
These versions use Perl's built-in eq comparison. Discrepancies in timing could be used to guess the underlying hash
String::Compare::ConstantTime for Perl through 0.321 is vulnerable to timing attacks that allow an attacker to guess the length of a secret string.
As stated in the documentation: "If the lengths of
Catalyst::Plugin::Authentication versions through 0.10024 for Perl are susceptible to timing attacks.
These versions use Perl's built-in eq comparison. Discrepancies in timing could be used to guess
Crypt::PBKDF2 versions before 0.261630 for Perl generate insecure random values for salts.
These versions use the built-in rand function, which is predictable and unsuitable for cryptography.
Crypt::PasswdMD5 versions through 1.42 for Perl generate insecure random values for salts.
The built-in rand function is predictable and unsuitable for cryptography.
Crypt::ScryptKDF versions through 0.010 for Perl use an insecure random number source when no CSPRNG module is available.
The random_bytes function fell back to using the built-in rand() function when
In memcached before 1.6.42, password data for SASL password database authentication has a timing side channel because memcmp is used by sasl_server_userdb_checkpass.
Crypt::URandom versions from 0.41 before 0.55 for Perl are vulnerable to a heap buffer overflow in the XS function crypt_urandom_getrandom().
The function does not validate that the length parameter i
Crypt::Salt for Perl version 0.01 uses insecure rand() function when generating salts for cryptographic purposes.
Crypt::RandomEncryption for Perl version 0.01 uses insecure rand() function during encryption.
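The rand()-based salt entries above (Crypt::PBKDF2, Crypt::PasswdMD5, Crypt::ScryptKDF, Crypt::Salt, Crypt::RandomEncryption) all share one failure: the salt is drawn from a PRNG whose state is determined by a small, guessable seed, so a salt stored beside a hash can be reproduced by anyone who can guess the seed. The following is an added C example, not code from any of the listed modules; the seed window, the 16-byte salt length and the function names are assumptions made for the illustration. It shows the weak pattern, an attacker brute-forcing the clock seed to reproduce the salt, and the replacement that reads the OS CSPRNG and fails closed instead of falling back to rand() the way Crypt::ScryptKDF did.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <time.h>

#define SALT_LEN 16   /* assumed salt size for the demonstration */

/* Weak pattern, as in the affected modules: salt bytes drawn from the libc
 * PRNG after seeding it from something guessable such as the clock. */
void weak_salt(unsigned char *out, size_t n, unsigned int seed)
{
    srand(seed);
    for (size_t i = 0; i < n; i++)
        out[i] = (unsigned char)(rand() & 0xff);
}

/* Attacker side: given a leaked salt (it is stored next to the hash) and a
 * guess of the seeding window, brute-force the seed and reproduce the salt.
 * Returns 1 and sets *found on success, 0 otherwise. */
int recover_seed(const unsigned char *salt, size_t n,
                 unsigned int lo, unsigned int hi, unsigned int *found)
{
    unsigned char cand[64];
    if (n > sizeof cand) return 0;
    for (unsigned int s = lo; s <= hi; s++) {
        weak_salt(cand, n, s);
        if (memcmp(cand, salt, n) == 0) { *found = s; return 1; }
        if (s == hi) break;               /* avoid wraparound at UINT_MAX */
    }
    return 0;
}

/* Secure pattern: take salt bytes from the OS CSPRNG. On failure return -1
 * so the caller aborts; there is deliberately no rand() fallback. */
int secure_salt(unsigned char *out, size_t n)
{
    FILE *f = fopen("/dev/urandom", "rb");
    if (!f) return -1;
    size_t got = fread(out, 1, n, f);
    fclose(f);
    return got == n ? 0 : -1;
}

/* Returns 1 if the seed behind a clock-seeded salt is recoverable from a
 * +/- one hour window, i.e. the salt was never unpredictable. */
int demo_recover(unsigned int seed)
{
    unsigned char salt[SALT_LEN];
    unsigned int found = 0;
    weak_salt(salt, SALT_LEN, seed);
    return recover_seed(salt, SALT_LEN, seed - 3600, seed + 3600, &found)
           && found == seed;
}

/* Returns 1 if two CSPRNG salts were obtained and differ. */
int demo_secure(void)
{
    unsigned char a[SALT_LEN], b[SALT_LEN];
    if (secure_salt(a, SALT_LEN) != 0 || secure_salt(b, SALT_LEN) != 0)
        return 0;
    return memcmp(a, b, SALT_LEN) != 0;
}

int main(void)
{
    unsigned int now = (unsigned int)time(NULL);   /* the "seed" a weak module would use */
    printf("clock-seeded salt recoverable: %s\n", demo_recover(now) ? "yes" : "no");
    printf("CSPRNG salts obtained and distinct: %s\n", demo_secure() ? "yes" : "no");
    return 0;
}
```

The brute force is 7201 seeds times 16 rand() calls, which finishes instantly; widening the window to a whole year is still only a few hundred million cheap iterations. The fix is not a better seed for rand() but a different source entirely, and a missing source must be an error rather than a silent downgrade.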
Linux-PAM through 1.7.2 contains an observable timing discrepancy (CWE-208) in the pam_userdb module's plaintext-password comparison path in modules/pam_userdb/pam_userdb.c that allows a local or netw
In Mbed TLS through 4.0.0, there is a compiler-induced timing side channel (in RSA and CBC/ECB decryption) that only occurs with LLVM's select-optimize feature. TF-PSA-Crypto through 1.0.0 is also aff
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. This product supports weak cryptographic algorithms, potentially allowing an attacker to decrypt communicatio
A flaw was found in gnutls. The PKCS#7 padding check, performed during decryption, was not constant-time. This timing side-channel could allow a remote attacker to potentially leak sensitive informati
Crypt::SysRandom::XS versions before 0.010 for Perl are vulnerable to a heap buffer overflow in the XS function random_bytes().
The function does not validate that the length parameter is non-negative
Crypt::NaCl::Sodium versions through 2.002 for Perl have potential integer overflows.
bin2hex, encrypt, aes256gcm_encrypt_afternm and seal functions do not check that output size will be less than SIZ
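The Crypt::URandom and Crypt::SysRandom::XS entries (a signed length never checked for negativity) and the Crypt::NaCl::Sodium entry (output sizes computed without checking for wraparound) are two faces of the same XS-level mistake: untrusted length arithmetic reaches malloc and the write loop unchecked. The following is an added C example, not code from any of those modules; the maximum request size, the tag size and the function names are assumptions for the illustration. It shows the unchecked shape beside validated helpers, and a bin2hex that sizes its buffer through the checked path.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Vulnerable shape (for contrast only; never call it with len < 0): the
 * signed length is used as-is, so len == -1 allocates len+1 == 0 bytes and
 * then writes (size_t)-1 bytes, a heap overflow. */
unsigned char *unchecked_random_bytes(long len)
{
    unsigned char *buf = malloc((size_t)(len + 1));
    if (!buf) return NULL;
    memset(buf, 0x41, (size_t)len);        /* stand-in for the RNG fill */
    return buf;
}

/* Validate a signed length from an untrusted caller (a Perl IV, a wire
 * field) before it becomes a size_t. Returns 0 and sets *out on success,
 * -1 if the value is negative or above the allowed maximum. */
int checked_len(long requested, size_t max, size_t *out)
{
    if (requested < 0) return -1;          /* (size_t)-1 would be SIZE_MAX */
    if ((unsigned long)requested > max) return -1;
    if (out) *out = (size_t)requested;
    return 0;
}

/* Hardened counterpart: the request is bounded (1 MiB assumed here) and
 * the +1 for a terminator cannot wrap because n is now small. */
unsigned char *checked_random_bytes(long len)
{
    size_t n;
    if (checked_len(len, (size_t)1 << 20, &n) != 0) return NULL;
    unsigned char *buf = malloc(n + 1);
    if (!buf) return NULL;
    memset(buf, 0x41, n);                  /* stand-in for the RNG fill */
    buf[n] = '\0';
    return buf;
}

/* Output size for hex encoding: 2*binlen + 1 for the terminator, with the
 * multiplication checked so it cannot wrap past SIZE_MAX. */
int hex_outlen(size_t binlen, size_t *out)
{
    if (binlen > (SIZE_MAX - 1) / 2) return -1;
    if (out) *out = binlen * 2 + 1;
    return 0;
}

/* Output size for an AEAD-style seal that appends a fixed-size tag. */
int sealed_outlen(size_t mlen, size_t tagbytes, size_t *out)
{
    if (mlen > SIZE_MAX - tagbytes) return -1;
    if (out) *out = mlen + tagbytes;
    return 0;
}

/* bin2hex that sizes its buffer through the checked helper. Returns a
 * malloc'd NUL-terminated string, or NULL on overflow or allocation failure. */
char *bin2hex(const unsigned char *bin, size_t binlen)
{
    static const char digits[] = "0123456789abcdef";
    size_t need;
    if (hex_outlen(binlen, &need) != 0) return NULL;
    char *hex = malloc(need);
    if (!hex) return NULL;
    for (size_t i = 0; i < binlen; i++) {
        hex[2 * i]     = digits[bin[i] >> 4];
        hex[2 * i + 1] = digits[bin[i] & 0x0f];
    }
    hex[need - 1] = '\0';
    return hex;
}
```

The two checks are cheap and belong at the XS boundary, before the Perl-side value is reinterpreted: reject negatives on the signed side, and do every size computation in a form whose overflow condition is tested before the arithmetic runs.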
Observable Timing Discrepancy vulnerability in Erlang/OTP ssh (ssh_auth, ssh_options modules) allows unauthenticated remote username enumeration via timing side-channel in password authentication.
Wh
OpenClaw before 2026.4.2 contains a timing side channel vulnerability in shared-secret comparison call sites that use early length-mismatch checks instead of fixed-length comparison helpers. Attackers
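Most timing entries on this page (the Perl modules using eq, memcached's memcmp in sasl_server_userdb_checkpass, pam_userdb's plaintext comparison, Erlang/OTP ssh, OpenClaw's early length checks) come down to one of two comparison shapes: a compare that stops at the first differing byte, or a "constant-time" compare that still returns early when the lengths differ, which is exactly the caveat in the String::Compare::ConstantTime documentation. The following is an added C example, not code from any of those projects; the secret values and function names are constructed for the illustration. It counts the bytes an early-exit compare examines, which is what an attacker measures, and shows a compare whose running time depends only on the attacker-supplied input length.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define SIZE_BITS (sizeof(size_t) * 8)

/* Models memcmp / Perl's eq: stops at the first differing byte. *steps
 * receives the number of bytes examined, which is the quantity a timing
 * attacker measures: it grows by one per correct leading byte of the guess. */
int equal_early_exit(const unsigned char *secret, size_t slen,
                     const unsigned char *input, size_t ilen, size_t *steps)
{
    *steps = 0;
    if (slen != ilen) return 0;
    for (size_t i = 0; i < slen; i++) {
        (*steps)++;
        if (secret[i] != input[i]) return 0;
    }
    return 1;
}

/* Constant-time over the bytes, but the early return on a length mismatch
 * still reveals the secret's length (the String::Compare::ConstantTime
 * caveat and the OpenClaw early length-check pattern). */
int equal_ct_leaky_len(const unsigned char *a, size_t alen,
                       const unsigned char *b, size_t blen)
{
    if (alen != blen) return 0;
    unsigned char diff = 0;
    for (size_t i = 0; i < alen; i++) diff |= a[i] ^ b[i];
    return diff == 0;
}

/* Hardened: time depends only on ilen, which the attacker already knows.
 * Every input byte is processed; secret bytes are read through a branch-free
 * clamped index, so neither the length mismatch nor the position of the
 * first differing byte changes the work done. */
int equal_ct(const unsigned char *secret, size_t slen,
             const unsigned char *input, size_t ilen)
{
    if (slen == 0) return ilen == 0;                 /* empty secret is not a secret */
    size_t d = slen ^ ilen;
    unsigned char diff = (unsigned char)((d | (0 - d)) >> (SIZE_BITS - 1)); /* 1 iff lengths differ */
    for (size_t i = 0; i < ilen; i++) {
        size_t in_range = 0 - ((i - slen) >> (SIZE_BITS - 1)); /* all-ones iff i < slen */
        size_t idx = i & in_range;                               /* i, or 0 once past the end */
        diff |= secret[idx] ^ input[i];   /* past the end only ORs into an already-set diff */
    }
    return diff == 0;
}

/* C-string wrappers used by main and the checks below. */
size_t steps_for(const char *secret, const char *guess)
{
    size_t steps;
    equal_early_exit((const unsigned char *)secret, strlen(secret),
                     (const unsigned char *)guess, strlen(guess), &steps);
    return steps;
}

int ct_equal_str(const char *secret, const char *guess)
{
    return equal_ct((const unsigned char *)secret, strlen(secret),
                    (const unsigned char *)guess, strlen(guess));
}

int main(void)
{
    const char *secret = "hunter2";                          /* constructed */
    const char *guesses[] = { "axxxxxx", "hxxxxxx", "huxxxxx", "huntex2", "hunter2" };
    for (size_t i = 0; i < sizeof guesses / sizeof guesses[0]; i++)
        printf("%s: early-exit examined %zu bytes, ct result %d\n",
               guesses[i], steps_for(secret, guesses[i]), ct_equal_str(secret, guesses[i]));
    return 0;
}
```

The counted version makes the leak concrete without a noisy benchmark: each additional correct prefix byte costs one more loop iteration, so a remote attacker recovers the secret byte by byte. Note what equal_ct does and does not promise: it hides the secret's length and the mismatch position from the timing, but it is written against the C abstract machine, and as the Mbed TLS entry shows, a compiler can reintroduce branches; check the generated code for the targets you ship.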
IBM Aspera Shares 1.9.9 through 1.11.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information