Lucene search
K

4 matches found

Circl
Circl
added 2025/08/11 10:22 p.m.15 views

CVE-2025-40920

creationtimestamp| type| source ---|---|--- 2025-08-11 22:22:37+00:00| seen| https://seclists.org/oss-sec/2025/q3/92 2025-08-11 22:22:37+00:00| seen| https://seclists.org/oss-sec/2025/q3/92 2025-08-11 22:22:37+00:00| seen| https://seclists.org/oss-sec/2025/q3/92 2025-08-11 22:22:37+00:00| seen|...

8.6CVSS5.7AI score0.00412EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/08/11 10:6 p.m.4 views

CVE-2025-40920

An insecure nonce generation flaw was found in the Catalyst::Authentication::Credential::HTTP perl module, where it does not use a strong cryptographic source for generating nonces. This flaw allows an attacker to decrypt communications. Mitigation Mitigation for this issue is either not availabl...

8.6CVSS6AI score0.00412EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2025/08/11 9:15 p.m.4 views

CVE-2025-40920

Catalyst::Authentication::Credential::HTTP versions 1.018 and earlier for Perl generate nonces using the Perl Data::UUID library. Data::UUID does not use a strong cryptographic source for generating UUIDs. Data::UUID returns v3 UUIDs, which are generated from known information and are unsuitable...

8.6CVSS5.8AI score0.00412EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/08/11 8:19 p.m.10 views

CVE-2025-40920 Catalyst::Authentication::Credential::HTTP versions 1.018 and earlier for Perl use insecurely generated nonces

Catalyst::Authentication::Credential::HTTP versions 1.018 and earlier for Perl generate nonces using the Perl Data::UUID library. Data::UUID does not use a strong cryptographic source for generating UUIDs. Data::UUID returns v3 UUIDs, which are generated from known information and are unsuitable...

0.00412EPSS
Exploits0References6
Rows per page
Query Builder