CNNVD-202506-1878 Information

CNNVD ID

CNNVD-202506-1878

Related CVE

CVE-2025-40916

• CNNVD Published: 2025-06-16

Description (Chinese)

Mojolicious::Plugin::CaptchaPNG是metaCPAN基金会的一款验证码插件。 Mojolicious::Plugin::CaptchaPNG 1.05版本存在安全漏洞，该漏洞源于使用弱随机数源生成验证码。

Description (English)

Mojolicous: :Plugin: :CaptchaPNG is a validation code plugin for the MetaCPAN Foundation. Mojolicous: :Plugin: :CaptchaPNG 1.05 contains a security loophole that originates from the use of a weak random number source to generate authentication codes.

Hazard Level

Low

Vulnerability Type

其他

Affected Vendor

MetaCPAN

Published

2025-06-16

Last Modified

2026-02-24

References

https://metacpan.org/release/GRYPHON/Mojolicious-Plugin-CaptchaPNG-1.06/changes https://security.metacpan.org/docs/guides/random-data-for-security.html https://metacpan.org/release/GRYPHON/Mojolicious-Plugin-CaptchaPNG-1.04/diff/GRYPHON/Mojolicious-Plugin-CaptchaPNG-1.05/lib/Mojolicious/Plugin/CaptchaPNG.pm https://metacpan.org/pod/perlfunc#rand https://access.redhat.com/security/cve/cve-2025-40916