Filtered by vendor Perl
Subscriptions
Filtered by product Catalyst Authentication Credential Http
Subscriptions
Total
1 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-40920 | 1 Perl | 1 Catalyst Authentication Credential Http | 2025-08-12 | 8.6 High |
| Catalyst::Authentication::Credential::HTTP versions 1.018 and earlier for Perl generate nonces using the Perl Data::UUID library. * Data::UUID does not use a strong cryptographic source for generating UUIDs. * Data::UUID returns v3 UUIDs, which are generated from known information and are unsuitable for security, as per RFC 9562. * The nonces should be generated from a strong cryptographic source, as per RFC 7616. | ||||
Page 1 of 1.