Lucene search
K

4 matches found

redhatcve
redhatcve
added 2025/07/16 6:38 p.m.9 views

CVE-2025-40919

Authen::DigestMD5 versions 0.01 through 0.02 for Perl generate the cnonce insecurely. The cnonce client nonce is generated from an MD5 hash of the PID, the epoch time and the built-in rand function. The PID will come from a small set of numbers, and the epoch time may be guessed, if it is not...

6.5CVSS6.4AI score0.00275EPSS
Exploits0References2
cve
cve
added 2025/07/16 2:4 p.m.17 views

CVE-2025-40919

The CVE-2025-40919 entry concerns Authen::DigestMD5 for Perl, affecting versions 0.01–0.02. The vulnerability stems from generating the cnonce with an MD5 hash of the PID, epoch time, and Perl’s rand(), which can yield low-entropy values (PID from a small set and potentially guessable epoch time)...

6.5CVSS6.5AI score0.00275EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2025/07/16 2:4 p.m.12 views

CVE-2025-40919 Authen::DigestMD5 versions 0.01 through 0.04 for Perl generate the cnonce insecurely

Authen::DigestMD5 versions 0.01 through 0.02 for Perl generate the cnonce insecurely. The cnonce client nonce is generated from an MD5 hash of the PID, the epoch time and the built-in rand function. The PID will come from a small set of numbers, and the epoch time may be guessed, if it is not...

7.2AI score0.00275EPSS
Exploits0References2
cvelist
cvelist
added 2025/07/16 2:4 p.m.17 views

CVE-2025-40919 Authen::DigestMD5 versions 0.01 through 0.04 for Perl generate the cnonce insecurely

Authen::DigestMD5 versions 0.01 through 0.02 for Perl generate the cnonce insecurely. The cnonce client nonce is generated from an MD5 hash of the PID, the epoch time and the built-in rand function. The PID will come from a small set of numbers, and the epoch time may be guessed, if it is not...

0.00275EPSS
Exploits0References2
Rows per page
Query Builder