| CVE编号 | CVE-2025-1828 |
|---|---|
| 发布日期 | 2025-03-10T23:51:33.279Z |
| 更新日期 | 2025-03-11T02:20:43.618Z |
| 状态 | PUBLISHED |
| 受影响的供应商 | perl |
| 受影响的产品 | Crypt::Random |
| 描述 | Crypt::Random Perl package 1.05 through 1.55 may use rand() function, which is not cryptographically strong, for cryptographic functions. Crypt::Random::rand 1.05 through 1.55 uses the rand() function. If the Provider is not specified and /dev/urandom or an Entropy Gathering Daemon (egd) service is not available Crypt::Random will default to use the insecure Crypt::Random::rand provider. In particular, Windows versions of perl will encounter this issue by default. |
参考链接:
