Описание
Mojolicious::Plugin::CaptchaPNG version 1.05 for Perl uses a weak random number source for generating the captcha.
That version uses the built-in rand() function for generating the captcha text as well as image noise, which is insecure.
Ссылки
EPSS
Процентиль: 15%
0.00048
Низкий
9.1 Critical
CVSS3
Дефекты
CWE-338
Связанные уязвимости
CVSS3: 9.1
github
8 месяцев назад
Mojolicious::Plugin::CaptchaPNG version 1.05 for Perl uses a weak random number source for generating the captcha. That version uses the built-in rand() function for generating the captcha text as well as image noise, which is insecure.
EPSS
Процентиль: 15%
0.00048
Низкий
9.1 Critical
CVSS3
Дефекты
CWE-338