Browse and filter security vulnerabilities across ecosystems
Browse and filter security vulnerabilities across ecosystems
HTTP::Session2 versions before 1.12 for Perl may generate weak session ids using the rand() function
Apache::SessionX versions through 2.01 for Perl create insecure session id
Smolder versions through 1.51 for Perl uses insecure rand() function for cryptographic functions
Concierge::Sessions versions from 0.8.1 before 0.8.5 for Perl generate insecure session ids
Maypole versions from 2.10 through 2.13 for Perl generates session ids insecurely
WWW::OAuth 1.000 and earlier for Perl uses insecure rand() function for cryptographic functions
Fiber insecurely fallsback in utils.UUIDv4() / utils.UUID() — predictable / zero‑UUID on crypto/rand failure
Coturn has unsafe nonce and relay port randomization due to weak random number generation.
FreshRSS has weak cryptographic randomness in remember-me token and nonce generation
Johnson Controls IQ Panels2, 2+, IQHub, IQPanel 4, PowerG use of Cryptographically Weak Pseudo-Random Number Generator
WBCE CMS has Weak Random Number Generator in Password Generation Function
Fiber Utils UUIDv4 and UUID Silent Fallback to Predictable Values
Apache Druid: Kerberos authenticaton chooses a cryptographically unsecure secret if not configured explicitly.
Jumo: Insufficient entropy in PRNG may lead to root access
Crypt::RandomEncryption for Perl uses insecure rand() function during encryption
Starch versions 0.14 and earlier generate session ids insecurely
Apache::AuthAny::Cookie v0.201 or earlier for Perl generates session ids insecurely
Catalyst::Authentication::Credential::HTTP versions 1.018 and earlier for Perl use insecurely generated nonces
Vision UI's security-kit Contains Cryptographic Weakness
Catalyst::Plugin::Session before version 0.44 for Perl generates session ids insecurely
Showing 1 - 20 of 1,000+ results