VYPR

rpm package

opensuse/perl-Crypt-SaltedHash&distro=openSUSE Leap 16.0

pkg:rpm/opensuse/perl-Crypt-SaltedHash&distro=openSUSE%20Leap%2016.0

Vulnerabilities (2)

  • CVE-2026-47372CriMay 20, 2026
    affected < 0.110.0-bp160.1.1fixed 0.110.0-bp160.1.1

    Crypt::SaltedHash versions through 0.09 for Perl generate insecure random values for salts. These versions use the built-in rand function, which is predictable and unsuitable for cryptography.

  • CVE-2026-47373HigMay 20, 2026
    affected < 0.110.0-bp160.1.1fixed 0.110.0-bp160.1.1

    Crypt::SaltedHash versions through 0.09 for Perl is susceptible to timing attacks. These versions use Perl's built-in eq comparison. Discrepencies in timing could be used to guess the underlying hash.