2 matches found
Security update for perl-Crypt-URandom (important)
openSUSE Security Update: Security update for perl-Crypt-URandom Announcement ID: openSUSE-SU-2026:0110-1 Rating: important References: 1258266 Cross-References: CVE-2026-2474 CVSS scores: CVE-2026-2474 SUSE: 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N Affected Products:...
CVE-2026-2474
Crypt::URandom for Perl is vulnerable to a heap buffer overflow in the XS function crypturandomgetrandom. The function does not validate that the length parameter is non-negative. If a negative value e.g. -1 is supplied, the expression length + 1u causes an integer wraparound, resulting in a...