Nixpkgs security tracker

Untriaged

Permalink CVE-2026-5091

created 2 weeks, 5 days ago Activity log

Created suggestion 2 weeks, 5 days ago

Catalyst::Plugin::Authentication versions through 0.10024 for Perl is susceptible to timing attacks

Catalyst::Plugin::Authentication versions through 0.10024 for Perl is susceptible to timing attacks. These versions use Perl's built-in eq comparison. Discrepencies in timing could be used to guess the underlying hash or password.

References

Affected products

Catalyst-Plugin-Authentication

=<0.10024

Matching in nixpkgs

pkgs.perlPackages.CatalystPluginAuthentication

Infrastructure plugin for the Catalyst authentication framework

nixos-unstable 0.10023
- nixpkgs-unstable 0.10023
- nixos-unstable-small 0.10023

pkgs.perl5Packages.CatalystPluginAuthentication

Infrastructure plugin for the Catalyst authentication framework

nixos-unstable 0.10023
- nixpkgs-unstable 0.10023
- nixos-unstable-small 0.10023

pkgs.perl538Packages.CatalystPluginAuthentication

None

pkgs.perl540Packages.CatalystPluginAuthentication