CVE-2025-27552

Medium CVSS: 4.0

DBIx::Class::EncodedColumn use the rand() function, which is not cryptographically secure to salt password hashes.

This vulnerability is associated with program files Crypt/Eksblowfish/Bcrypt.pm.

This issue affects DBIx::Class::EncodedColumn until 0.00032.

Vendor

Product

CWE

CWE-331

Yayın Tarihi

2025-03-26 11:15:39

Güncelleme

2025-09-05 14:15:44

Source Identifier

9b29abf9-4ab0-4765-b253-1875cd9b441e

KEV Date Added

Kategoriler

CWE-331 MEDIUM 2025

Referanslar

https://metacpan.org/release/WREIS/DBIx-Class-EncodedColumn-0.00032/changes https://security.metacpan.org/docs/guides/random-data-for-security.html