High severity7.5NVD Advisory· Published May 20, 2026· Updated May 21, 2026
CVE-2026-47373
CVE-2026-47373
Description
Crypt::SaltedHash versions through 0.09 for Perl is susceptible to timing attacks.
These versions use Perl's built-in eq comparison. Discrepencies in timing could be used to guess the underlying hash.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
5- Range: <=0.09
- osv-coords3 versionspkg:rpm/opensuse/perl-Crypt-SaltedHash&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/perl-Crypt-SaltedHash&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/perl-Crypt-SysRandom&distro=openSUSE%20Leap%2016.0
< 0.110.0-bp160.1.1+ 2 more
- (no CPE)range: < 0.110.0-bp160.1.1
- (no CPE)range: < 0.110.0-1.1
- (no CPE)range: < 0.7.0-bp160.1.1
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.