A vulnerability was found in NERDVANA Crypt::SecretBuffer up to 0.018 on Perl and classified as problematic. The affected element is an unknown function. Such manipulation leads to observable timing discrepancy.
| Vendor | Product | Versions |
|---|---|---|
| nerdvana | crypt::secretbuffer | 0, 0.018 |
Updated description with new technical details, changed affected versions to 0.018, updated severity to HIGH, and noted that no exploit exists.
Updated severity to MEDIUM, added CVSS estimate 5.3, confirmed CWE-208, exploit availability, active exploitation, patch availability, and added tag 'timing attack'.
Initial creation
