Scaner-VSvulnerability catalog · v4.2

Home Catalog Sources CWE CAPEC ATT&CK Mitigations Products Vendors Docs

← Back to List

Debian›Distributiondebian

Libcrypt-cbc-perl

Vulnerabilities

2

Known exploited

0

Max CVSS

4

Top EPSS

0.01397

Severity breakdown

Critical

0

High

0

Medium

1

Low

1

Also matched as (raw): libcrypt-cbc-perl

Top vulnerabilities

CVE-2025-2814Crypt::CBC versions between 1.21 and 3.05 for Perl may use the rand() function as the default source of entropy, which is not cryptographically secure, for cryptographic functions. This issue affects operating systems where "/dev/urandom'" is unavailable. In that case, Crypt::CBC will fallback to use the insecure rand() function.

CVE-2006-0898Crypt::CBC Perl module 2.16 and earlier, when running in RandomIV mode, uses an initialization vector (IV) of 8 bytes, which results in weaker encryption when used with a cipher that requires a larger block size than 8 bytes, such as Rijndael.

View vendor →Open in catalog with product filter →