CVE-2018-25107

Опубликовано: 29 дек. 2024

Источник: debian

EPSS Низкий

Описание

The Crypt::Random::Source package before 0.13 for Perl has a fallback to the built-in rand() function, which is not a secure source of random bits.

Пакет	Статус	Версия исправления	Релиз	Тип
libcrypt-random-source-perl	fixed	0.14-1		package

https://github.com/karenetheridge/Crypt-Random-Source/pull/3
Fixed by: https://github.com/karenetheridge/Crypt-Random-Source/commit/a8d581af45f74a29aeb5d864c1cb6f50740dfa2f (v0.13)

EPSS

Процентиль: 27%

0.00095

Низкий

CVE-2018-25107

CVSS3: 7.5

ubuntu

около 1 года назад

The Crypt::Random::Source package before 0.13 for Perl has a fallback to the built-in rand() function, which is not a secure source of random bits.

CVE-2018-25107

CVSS3: 7.5

nvd

около 1 года назад

The Crypt::Random::Source package before 0.13 for Perl has a fallback to the built-in rand() function, which is not a secure source of random bits.

GHSA-r3m8-7h2r-2mp6

CVSS3: 7.5

github

около 1 года назад

The Crypt::Random::Source package before 0.13 for Perl has a fallback to the built-in rand() function, which is not a secure source of random bits.

EPSS

Процентиль: 27%

0.00095

Низкий