Fedora 44 perl-Catalyst-Plugin-Authentication Vulnerability CVE-2026-5091
fedora
June 1, 2026
Catalyst::Plugin::Authentication versions through 0.10024 for Perl is susceptible to timing attacks since these versions use Perl's built-in eq comparison
Summary
The authentication plugin provides generic user support for Catalyst apps.
It is the basis for both authentication (checking the user is who they
claim to be), and authorization (allowing the user to do what the system
authorizes them to do).
Update Information:
Catalyst::Plugin::Authentication versions through 0.10024 for Perl is susceptible to timing attacks since these versions use Perl's built-in eq comparison. Discrepencies in timing could be used to guess the underlying hash or password. Version 0.10026 of the module fixes this issue.
Topics Covered
Change Log
* Sun May 24 2026 Emmanuel Seyman
References
[ 1 ] Bug #2483712 - CVE-2026-5091 perl-Catalyst-Plugin-Authentication: Catalyst::Plugin::Authentication: Information disclosure via timing attack [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2483712
Update Instructions
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-26666575ae' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
PREVIOUS 
NEXT Severity
important
Lowest
Low
Medium
High
Critical
Name: perl-Catalyst-Plugin-Authentication
Product: Fedora 44
Version: 0.10026
Release: 1.fc44
Summary: Infrastructure plugin for the Catalyst authentication framework
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!