Insecure generation of random numbers In libcrypt-dsa-perl
Description
Crypt::DSA versions before 1.20 for Perl generate seeds using rand. Seeds were generated using Perl's built-in rand function, which is predictable and unsuitable for security usage.
Mitigation
Update Impact
Minimal update. May introduce new vulnerabilities or breaking changes.
Ecosystem | Package | Affected version | Patched versions |
|---|---|---|---|
 debian 11 | - | ||
debian 13 | - | ||
debian 12 | - | ||
debian 14 | 1.20-1 |
Aliases
1. 2. 3. 4. 5.