- Description
- Crypt::CBC versions between 1.21 and 3.04 for Perl may use the rand() function as the default source of entropy, which is not cryptographically secure, for cryptographic functions. This issue affects operating systems where "/dev/urandom'" is unavailable. In that case, Crypt::CBC will fallback to use the insecure rand() function.
- Source
- 9b29abf9-4ab0-4765-b253-1875cd9b441e
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Secondary
- Base score
- 4
- Impact score
- 1.4
- Exploitability score
- 2.5
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
- Severity
- MEDIUM
- Hype score
- Not currently trending
🚨 CVE-2025-2814 ❓ 🏢 LDS - Crypt::CBC 🏗️ 1.21 🔗 https://t.co/C95hWWhCZa 🔗 https://t.co/mHG2KdgSQQ 🔗 https://t.co/pXPNQA5EWg #CyberCron #VulnAlert #InfoSec https://t.co/LXFmT0JLes
@cybercronai
14 Apr 2025
27 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-2814 Crypt::CBC versions between 1.21 and 3.04 for Perl may use the rand() function as the default source of entropy, which is not cryptographically secure, for cryptographi… https://t.co/sbKXh1CHIO
@CVEnew
13 Apr 2025
1036 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
New post from https://t.co/uXvPWJy6tj (CVE-2025-2814 | LDS Crypt::CBC up to 3.04 on Perl rand weak prng) has been published on https://t.co/UGj77Yt1vj
@WolfgangSesin
13 Apr 2025
11 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
New post from https://t.co/uXvPWJy6tj (CVE-2025-2814 | LDS Crypt::CBC up to 3.04 on Perl rand weak prng) has been published on https://t.co/aPrsHDDacX
@WolfgangSesin
13 Apr 2025
11 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes