← volver
CVE-2026-8700

Crypt::DSA versions before 1.20 for Perl generate seeds using rand

CVSS 7.3 HIGHEPSS 0.4%CWE-331
Crypt::DSA versions before 1.20 for Perl generate seeds using rand. Seeds were generated using Perl's built-in rand function, which is predictable and unsuitable for security usage.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Productos afectados
TIMLEGGE · Crypt::DSA

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://metacpan.org/release/TIMLEGGE/Crypt-DSA-1.20/changeshttps://metacpan.org/release/TIMLEGGE/Crypt-DSA-1.20/diff/TIMLEGGE/Crypt-DSA-1.19#lib/Crypt/DSA/KeyChain.pmhttp://www.openwall.com/lists/oss-security/2026/05/15/26