← voltar
CVE-2026-8700

Crypt::DSA versions before 1.20 for Perl generate seeds using rand

CVSS 7.3 HIGHEPSS 0.4%CWE-331
Crypt::DSA versions before 1.20 for Perl generate seeds using rand. Seeds were generated using Perl's built-in rand function, which is predictable and unsuitable for security usage.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Produtos afetados
TIMLEGGE · Crypt::DSA

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://metacpan.org/release/TIMLEGGE/Crypt-DSA-1.20/changeshttps://metacpan.org/release/TIMLEGGE/Crypt-DSA-1.20/diff/TIMLEGGE/Crypt-DSA-1.19#lib/Crypt/DSA/KeyChain.pmhttp://www.openwall.com/lists/oss-security/2026/05/15/26