CVE-2025-40916 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Mojolicious::Plugin::CaptchaPNG version 1.05 for Perl uses a weak random number source for generating the captcha. That version uses the built-in rand() functi…
Critical CVSS: 9.1

CVE-2025-40916

Mojolicious::Plugin::CaptchaPNG version 1.05 for Perl uses a weak random number source for generating the captcha.

That version uses the built-in rand() function for generating the captcha text as well as image noise, which is insecure.
Vendor
-
Product
-
CWE
CWE-338
Yayın Tarihi
2025-06-16 11:15:17
Güncelleme
2025-06-16 14:15:22
Source Identifier
9b29abf9-4ab0-4765-b253-1875cd9b441e
KEV Date Added
-

Kategoriler

CWE-338 CRITICAL 2025

Referanslar

https://metacpan.org/pod/perlfunc#rand https://metacpan.org/release/GRYPHON/Mojolicious-Plugin-CaptchaPNG-1.04/diff/GRYPHON/Mojolicious-Plugin-CaptchaPNG-1.05/lib/Mojolicious/Plugin/CaptchaPNG.pm https://metacpan.org/release/GRYPHON/Mojolicious-Plugin-CaptchaPNG-1.06/changes https://security.metacpan.org/docs/guides/random-data-for-security.html