CVE-2024-58040

Critical CVSS: 9.1

Crypt::RandomEncryption for Perl version 0.01 uses insecure rand() function during encryption.

Vendor

Product

CWE

Yayın Tarihi

2025-09-30 11:37:36

Güncelleme

2026-03-09 17:17:45

Source Identifier

9b29abf9-4ab0-4765-b253-1875cd9b441e

KEV Date Added

CWE-331 Crypt\ CRITICAL Qwer 2025

https://metacpan.org/release/QWER/Crypt-RandomEncryption-0.01/source/lib/Crypt/RandomEncryption.pm#L33 https://perldoc.perl.org/functions/rand https://security.metacpan.org/docs/guides/random-data-for-security.html

High

CVE-2026-30910

Crypt::Sodium::XS versions through 0.001000 for Perl has potential integer overflows. Combined aead encryption, combine…

Critical

CVE-2026-30909

Crypt::NaCl::Sodium versions through 2.002 for Perl has potential integer overflows. bin2hex, encrypt, aes256gcm_encryp…

High

CVE-2026-2597

Crypt::SysRandom::XS versions before 0.010 for Perl is vulnerable to a heap buffer overflow in the XS function random_by…

Critical

CVE-2026-2588

Crypt::NaCl::Sodium versions through 2.001 for Perl has an integer overflow flaw on 32-bit systems. Sodium.xs casts a S…

High

CVE-2026-2474

Crypt::URandom versions from 0.41 before 0.55 for Perl is vulnerable to a heap buffer overflow in the XS function crypt_…

Critical

CVE-2025-15444

Crypt::Sodium::XS module versions prior to 0.000042, for Perl, include a vulnerable version of libsodium libsodium