Crypt

2 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2026-5086 HIGH PATCH This Week

Crypt::SecretBuffer versions before 0.019 for Perl is suseceptible to timing attacks. For example, if Crypt::SecretBuffer was used to store and compare plaintext passwords, then discrepencies in timing could be used to guess the secret password.

Information Disclosure Crypt
NVD
CVSS 3.1
7.5
EPSS
0.0%
CVE-2024-58040 CRITICAL This Week

Crypt::RandomEncryption for Perl version 0.01 uses insecure rand() function during encryption. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Crypt
NVD
CVSS 3.1
9.1
EPSS
0.0%
CVE-2026-5086
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Crypt::SecretBuffer versions before 0.019 for Perl is suseceptible to timing attacks. For example, if Crypt::SecretBuffer was used to store and compare plaintext passwords, then discrepencies in timing could be used to guess the secret password.

Information Disclosure Crypt
NVD
CVE-2024-58040
EPSS 0% CVSS 9.1
CRITICAL This Week

Crypt::RandomEncryption for Perl version 0.01 uses insecure rand() function during encryption. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Crypt
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy