FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2025-10-09 11:16:17 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
cd7f969e-6cb4-11f0-97c4-40b034429ecf	p5-Crypt-CBC -- Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) Lib-Crypt-CBC project reports: Crypt::CBC versions between 1.21 and 3.05 for Perl may use the rand() function as the default source of entropy, which is not cryptographically secure, for cryptographic functions. This issue affects operating systems where "/dev/urandom'" is unavailable. In that case, Crypt::CBC will fallback to use the insecure rand() function. Discovery 2025-04-12 Entry 2025-07-29 p5-Crypt-CBC < 3.07 CVE-2025-2814 https://nvd.nist.gov/vuln/detail/CVE-2025-2814

VuXML ID

Description

cd7f969e-6cb4-11f0-97c4-40b034429ecf

p5-Crypt-CBC -- Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)

Lib-Crypt-CBC project reports:

Crypt::CBC versions between 1.21 and 3.05 for Perl may use the rand() function as the default source of entropy, which is not cryptographically secure, for cryptographic functions. This issue affects operating systems where "/dev/urandom'" is unavailable. In that case, Crypt::CBC will fallback to use the insecure rand() function.

Discovery 2025-04-12
Entry 2025-07-29
p5-Crypt-CBC

< 3.07

CVE-2025-2814
https://nvd.nist.gov/vuln/detail/CVE-2025-2814