2 matches found
UBUNTU-CVE-2025-40920
Catalyst::Authentication::Credential::HTTP versions 1.018 and earlier for Perl generate nonces using the Perl Data::UUID library. Data::UUID does not use a strong cryptographic source for generating UUIDs. Data::UUID returns v3 UUIDs, which are generated from known information and are unsuitable...
Catalyst::Authentication::Credential::HTTP 安全漏洞
Catalyst::Authentication::Credential::HTTP is a Catalyst open source HTTP basic and digest authentication library. A security vulnerability exists in Catalyst::Authentication::Credential::HTTP version 1.018 and earlier that stems from the use of a non-strongly encrypted source to generate a nonce...