CVE-2026-47373

UNKNOWN NVD

CVSS Score 0

Severity UNKNOWN

Published May 20, 2026

Vendor unknown

Description

Crypt::SaltedHash versions through 0.09 for Perl is susceptible to timing attacks. These versions use Perl's built-in eq comparison. Discrepencies in timing could be used to guess the underlying hash.

References

https://github.com/robrwo/perl-Crypt-SaltedHash/commit/c07bfc5c23185b0667233d0f2e1252d81f1f027a.patch
https://metacpan.org/release/RRWO/Crypt-SaltedHash-0.10/changes