EUVD-2024-54366

Malicious code in bioql PyPI...

CVE-2024-52322

WebService::Xero 0.11 and earlier for Perl uses the rand function as the default source of entropy, which is not cryptographically secure, for cryptographic functions. Specifically WebService::Xero uses the Data::Random library which specifically states that it is "Useful mostly for test programs...

CVE-2024-52322

WebService::Xero 0.11 and earlier for Perl uses the rand function as the default source of entropy, which is not cryptographically secure, for cryptographic functions. Specifically WebService::Xero uses the Data::Random library which specifically states that it is "Useful mostly for test programs...

CVE-2024-52322 WebService::Xero 0.11 for Perl uses insecure rand() function for cryptographic functions

WebService::Xero 0.11 and earlier for Perl uses the rand function as the default source of entropy, which is not cryptographically secure, for cryptographic functions. Specifically WebService::Xero uses the Data::Random library which specifically states that it is "Useful mostly for test programs...

CVE-2024-52322

WebService::Xero 0.11 and earlier for Perl uses the non-cryptographically secure rand() as entropy via the Data::Random library, which is described as intended for testing. The vulnerability stems from using a non-cryptographic RNG for cryptographic functions, potentially affecting secrecy of ent...

PT-2025-15065

Name of the Vulnerable Software and Affected Versions WebService::Xero versions 0.11 and earlier Description The issue concerns the use of a non-cryptographically secure source of entropy for cryptographic functions. Specifically, WebService::Xero uses the Data::Random library, which relies on th...

MetaCPAN WebService::Xero 安全漏洞

MetaCPAN WebService::Xero is a component of the MetaCPAN Foundation. A security vulnerability exists in MetaCPAN WebService::Xero version 0.11 and earlier that stems from the use of an insecure random number generator...