PT-2026-43430

Crypt::ScryptKDF versions through 0.010 for Perl uses insecure random number source when no CSPRNG module is available. The random bytes function fell back to using the built-in rand function when none of the Perl modules Crypt::PRNG, Crypt::OpenSSL::Random, Net::SSLeay, Crypt::Random, or...

SUSE CVE-2025-66565

Fiber Utils is a collection of common functions created for Fiber. In versions 2.0.0-rc.3 and below, when the system's cryptographic random number generator crypto/rand fails, both functions silently fall back to returning predictable UUID values, including the zero UUID...

CVE-2025-66565 Fiber Utils UUIDv4 and UUID Silent Fallback to Predictable Values

Fiber Utils is a collection of common functions created for Fiber. In versions 2.0.0-rc.3 and below, when the system's cryptographic random number generator crypto/rand fails, both functions silently fall back to returning predictable UUID values, including the zero UUID...

PT-2025-49761

Name of the Vulnerable Software and Affected Versions Fiber Utils versions 2.0.0-rc.3 and below Description Fiber Utils is a collection of functions for Fiber. In versions 2.0.0-rc.3 and below, if the system’s cryptographic random number generator crypto/rand fails, the software silently reverts ...

PT-2025-45575

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's crypto/rng module. The issue involves ensuring that the set ent function is always set, as it is only provided by the drbg. This ensures proper...

js-compute-runtime 安全漏洞

js-compute-runtime is a Fastly Compute@Edge JavaScript runtime open-sourced by Fastly. A security vulnerability exists in js-compute-runtime versions 0.4.0 through 0.5.3, which stems from the failure of the Math.random and crypto.getRandomValues methods to use sufficient random values...