PT-2026-49531 · Timlegge · Crypt::Dsa
Richard Kettlewell
·
Published
2026-06-15
·
Updated
2026-06-15
·
CVE-2026-12205
None
No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
Crypt::DSA versions before 1.21 for Perl reused the nonce across signatures, leading to private-key recovery.
Crypt::DSA::sign caches the per-signature nonce material in the Key object without ever clearing it.
The first sign() on a Key object picks a nonce, and every later sign() on that same object reuses it, producing an identical "r".
Keys used to sign more than once with an affected version should be considered compromised.
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Crypt::Dsa