FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2025-08-24 11:48:49 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
c323bab5-80dd-11f0-97c4-40b034429ecf	p5-Catalyst-Authentication-Credential-HTTP -- Insecure source of randomness perl-catalyst project reports: Catalyst::Authentication::Credential::HTTP versions 1.018 and earlier for Perl generate nonces using the Perl Data::UUID library. * Data::UUID does not use a strong cryptographic source for generating UUIDs.* Data::UUID returns v3 UUIDs, which are generated from known information and are unsuitable for security, as per RFC 9562. * The nonces should be generated from a strong cryptographic source, as per RFC 7616. Discovery 2025-08-11 Entry 2025-08-24 p5-Catalyst-Authentication-Credential-HTTP < 1.019 CVE-2025-40920 https://nvd.nist.gov/vuln/detail/CVE-2025-40920

VuXML ID

Description

c323bab5-80dd-11f0-97c4-40b034429ecf

p5-Catalyst-Authentication-Credential-HTTP -- Insecure source of randomness

perl-catalyst project reports:

Catalyst::Authentication::Credential::HTTP versions 1.018 and earlier for Perl generate nonces using the Perl Data::UUID library. * Data::UUID does not use a strong cryptographic source for generating UUIDs.* Data::UUID returns v3 UUIDs, which are generated from known information and are unsuitable for security, as per RFC 9562. * The nonces should be generated from a strong cryptographic source, as per RFC 7616.

Discovery 2025-08-11
Entry 2025-08-24
p5-Catalyst-Authentication-Credential-HTTP

< 1.019

CVE-2025-40920
https://nvd.nist.gov/vuln/detail/CVE-2025-40920