How severe is CVE-2024-57835?

CVE-2024-57835 has a CVSS v3 score of 5.5 (MEDIUM).

CVE-2024-57835

Name: line_integration_for_amon2
Author: nipotan

5.5MEDIUM

Amon2::Auth::Site::LINE uses the String::Random module to generate nonce values. String::Random defaults to Perl's built-in predictable random number generator, the rand() function, which is not cry

Publicado: 4/5/2025Atualizado: 4/8/2025

Descrição

Amon2::Auth::Site::LINE uses the String::Random module to generate nonce values. String::Random defaults to Perl's built-in predictable random number generator, the rand() function, which is not cryptographically secure

Análise IADesenvolvido por IA

Produtos Afetados

nipotanline_integration_for_amon2

Referências

https://metacpan.org/release/SHLOMIF/String-Random-0.32/source/lib/String/Random.pm#L377
Product
https://metacpan.org/release/TANIGUCHI/Amon2-Auth-Site-LINE-0.04/source/lib/Amon2/Auth/Site/LINE.pm#L235
Product
https://metacpan.org/release/TANIGUCHI/Amon2-Auth-Site-LINE-0.04/source/lib/Amon2/Auth/Site/LINE.pm#L255
Product
https://security.metacpan.org/docs/guides/random-data-for-security.html
Technical Description