CVE-2024-58041 in Smolderinfo

Zusammenfassung

von MITRE • 24.02.2026

Smolder versions through 1.51 for Perl uses insecure rand() function for cryptographic functions.

Smolder 1.51 and earlier for Perl uses the rand() function as the default source of entropy, which is not cryptographically secure, for cryptographic functions.

Specifically Smolder::DB::Developer uses the Data::Random library which specifically states that it is "Useful mostly for test programs". Data::Random uses the rand() function.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Zuständig

CPANSec

Reservieren

26.03.2025

Veröffentlichung

24.02.2026

Moderieren

akzeptiert

Eintrag

VDB-347514

CPE

bereit

CWE

CWE-338 (bestätigt)

CVSS

9.1 (CISA-ADP)

EPSS

0.00045

KEV

nein

Aktivitäten

very low

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2024-58041
NVD	https://nvd.nist.gov/vuln/detail/CVE-2024-58041
CVE Details	https://www.cvedetails.com/cve/CVE-2024-58041/

◂ Zurück Übersicht Weiter ▸

Do you need the next level of professionalism?

Upgrade your account now!