CVE-2025-1860

{"id": "CVE-2025-1860", "cveTags": [], "metrics": {}, "published": "2025-03-28T01:15:16.063", "references": [{"url": "https://metacpan.org/release/ZEFRAM/Data-Entropy-0.007/source/lib/Data/Entropy.pm#L80", "source": "9b29abf9-4ab0-4765-b253-1875cd9b441e"}, {"url": "https://perldoc.perl.org/functions/rand", "source": "9b29abf9-4ab0-4765-b253-1875cd9b441e"}, {"url": "https://lists.debian.org/debian-lts-announce/2025/03/msg00026.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "9b29abf9-4ab0-4765-b253-1875cd9b441e", "description": [{"lang": "en", "value": "CWE-338"}]}], "descriptions": [{"lang": "en", "value": "Data::Entropy for Perl 0.007 and earlier use the rand() function as the default source of entropy, which is not\u00a0cryptographically secure,\u00a0for cryptographic functions."}, {"lang": "es", "value": "Data::Entropy para Perl 0.007 y anteriores utilizan la funci\u00f3n rand() como fuente predeterminada de entrop\u00eda, que no es criptogr\u00e1ficamente segura para las funciones criptogr\u00e1ficas."}], "lastModified": "2025-04-02T22:15:18.623", "sourceIdentifier": "9b29abf9-4ab0-4765-b253-1875cd9b441e"}