Crypt-SecretBuffer-0.005

Security Advisories (1)

CVE-2026-5086 (2026-04-13)

Crypt::SecretBuffer versions before 0.019 for Perl is suseceptible to timing attacks. For example, if Crypt::SecretBuffer was used to store and compare plaintext passwords, then discrepencies in timing could be used to guess the secret password.

https://metacpan.org/release/NERDVANA/Crypt-SecretBuffer-0.019/source/Changes

Changes for version 0.005 - 2025-06-05

Fix bug in index() that fails to search on final char of buffer
Improved OS feature detection, which should fix many build failures
Fix 5.8 compat
More unit tests
Document security policy

Documentation

README.md

SECURITY.md

Modules

Crypt::SecretBuffer

Prevent accidentally leaking a string of sensitive data

Crypt::SecretBuffer::AsyncResult

Observe results of a write_async operation

Provides

Crypt::SecretBuffer::Exports

in lib/Crypt/SecretBuffer.pm

Other files

To install Crypt::SecretBuffer, copy and paste the appropriate command in to your terminal.

cpanm

cpanm Crypt::SecretBuffer

CPAN shell

perl -MCPAN -e shell
install Crypt::SecretBuffer

For more information on module installation, please visit the detailed CPAN module installation guide.

	Global
`s`	Focus search bar
`?`	Bring up this help dialog

	GitHub
`g` `p`	Go to pull requests
`g` `i`	Go to GitHub issues (only if GitHub is preferred repository)

	POD
`g` `a`	Go to author
`g` `c`	Go to changes
`g` `i`	Go to issues
`g` `d`	Go to dist
`g` `r`	Go to repository/SCM
`g` `s`	Go to source
`g` `b`	Go to file browse

Search terms
module: (e.g. module:Plugin)
distribution: (e.g. distribution:Dancer auth)
author: (e.g. author:SONGMU Redis)
version: (e.g. version:1.00)

Changes for version 0.005 - 2025-06-05

Documentation

Modules

Provides

Other files

Module Install Instructions

Keyboard Shortcuts