File tree Expand file tree Collapse file tree
Expand file tree Collapse file tree Original file line number Diff line number Diff line change 1- [id ]
2- ave_id = " AVE-2018-0036"
3- cve_id = " CVE-2018-25107"
4- aliases = [" CVE-2018-25107" ]
5-
61[basic ]
7- title = " Perl Crypt::Random::Source 随机数生成器弱加密漏洞"
8- description = " Perl 的 Crypt::Random::Source 包在 0.13 版本之前存在安全缺陷,当无法获取系统安全随机源时会回退使用 Perl 内置的 rand() 函数。该函数为弱伪随机数生成器(PRNG),产生的随机数可被预测,攻击者可能利用此漏洞获取会话密钥等敏感信息。攻击者无需认证即可通过网络远程利用,具备高机密性影响。"
9- severity = " HIGH"
10- score = 7.5
11- remediation = " 升级 Crypt::Random::Source 至 0.13 或更高版本。可通过 CPAN 安装修复版本:cpanm Crypt::Random::Source,或更新 Perl 环境中相关依赖包至包含安全修复的最新版本。"
12- published = " 2024-12-29"
13- updated = " 2026-06-16"
14- sources = [" avd" , " nvd" ]
15-
16- [affected ]
17- vendor = " Perl"
18- product = " Crypt::Random::Source"
19-
20- [references ]
21- nvd = " https://nvd.nist.gov/vuln/detail/CVE-2018-25107"
22- avd = " "
23- other = [" https://github.com/karenetheridge/Crypt-Random-Source/pull/3" , " https://metacpan.org/release/ETHER/Crypt-Random-Source-0.13/changes" ]
2+ description = " "
3+ published = " "
4+ remediation = " Refer to vendor advisory and upgrade to fixed version."
5+ score = 0.0
6+ severity = " UNKNOWN"
7+ sources = [" avd" ]
8+ title = " CVE-2018-25107 漏洞"
9+ updated = " "
2410
2511[exploit ]
26- poc_urls = []
2712exp_urls = []
28- nuclei_templates = []
13+ poc_urls = []
14+
15+ [id ]
16+ aliases = [" CVE-2018-25107" ]
17+ ave_id = " AVE-2018-0036"
18+ cve_id = " CVE-2018-25107"
2919
3020[meta ]
31- collected_at = " 2026-07-10T12:52:50.648258229 +00:00"
21+ collected_at = " 2026-07-10T21:36:34.668679989 +00:00"
3222status = " completed"
23+
24+ [references ]
25+ urls = []
You can’t perform that action at this time.
0 commit comments