CVE-2025-22376

Опубликовано: 03 янв. 2025

Источник: nvd

CVSS3: 5.3

EPSS Низкий

Описание

In Net::OAuth::Client in the Net::OAuth package before 0.29 for Perl, the default nonce is a 32-bit integer generated from the built-in rand() function, which is not cryptographically strong.

Ссылки

EPSS

Процентиль: 67%

0.00527

Низкий

5.3 Medium

CVSS3

Дефекты

CWE-338

Связанные уязвимости

CVE-2025-22376

CVSS3: 5.3

ubuntu

12 месяцев назад

In Net::OAuth::Client in the Net::OAuth package before 0.29 for Perl, the default nonce is a 32-bit integer generated from the built-in rand() function, which is not cryptographically strong.

CVE-2025-22376

CVSS3: 4.8

redhat

12 месяцев назад

In Net::OAuth::Client in the Net::OAuth package before 0.29 for Perl, the default nonce is a 32-bit integer generated from the built-in rand() function, which is not cryptographically strong.

CVE-2025-22376

CVSS3: 5.3

debian

12 месяцев назад

In Net::OAuth::Client in the Net::OAuth package before 0.29 for Perl, ...

GHSA-w287-9q69-3hx9

CVSS3: 9.8

github

12 месяцев назад

In Net::OAuth::Client in the Net::OAuth package before 0.29 for Perl, the default nonce is a 32-bit integer generated from the built-in rand() function, which is not cryptographically strong.

EPSS

Процентиль: 67%

0.00527

Низкий

5.3 Medium

CVSS3

Дефекты

CWE-338