How severe is CVE-2025-1860?

CVE-2025-1860 has a CVSS v3 score of 7.7 (HIGH).

CVE-2025-1860

7.7HIGH

Data::Entropy for Perl 0.007 and earlier use the rand() function as the default source of entropy, which is not cryptographically secure, for cryptographic functions.

Veröffentlicht: 3/28/2025Aktualisiert: 9/5/2025

Beschreibung

Data::Entropy for Perl 0.007 and earlier use the rand() function as the default source of entropy, which is not cryptographically secure, for cryptographic functions.

KI-AnalyseKI-gestützt

Referenzen

https://metacpan.org/release/ZEFRAM/Data-Entropy-0.007/source/lib/Data/Entropy.pm#L80
https://perldoc.perl.org/functions/rand
https://lists.debian.org/debian-lts-announce/2025/03/msg00026.html