CNNVD-202507-2090 Information

CNNVD ID

CNNVD-202507-2090

Related CVE

CVE-2025-40918

• CNNVD Published: 2025-07-16

Description (Chinese)

Authen::SASL::Perl::DIGEST_MD5是Perl社区的一个Perl语言中的模块。 Authen::SASL::Perl::DIGEST_MD5 2.04至2.1800及之前版本存在安全漏洞，该漏洞源于cnonce生成不安全。

Description (English)

Authen: :SASL: :Perl: :DIGEST MD5 is a module in a Perl language in the Perl community. Authen: :SASL: :Perl: :DIGEEST MD5 2.04 to 2.1800 and earlier versions have security loopholes, which stem from the insecurity created by cnonce.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Perplexity

Published

2025-07-16

Last Modified

2026-02-24

References

https://datatracker.ietf.org/doc/html/rfc2831 https://github.com/gbarr/perl-authen-sasl/pull/22 https://metacpan.org/dist/Authen-SASL/source/lib/Authen/SASL/Perl/DIGEST_MD5.pm#L263 https://security.metacpan.org/patches/A/Authen-SASL/2.1800/CVE-2025-40918-r1.patch https://access.redhat.com/security/cve/cve-2025-40918 https://vigilance.fr/vulnerability/Perl-Authen-SASL-Perl-DIGEST-MD5-spoofing-via-utilisation-d-un-mauvais-aleea-47738