Unrated severityNVD Advisory· Published Mar 5, 2026· Updated Mar 5, 2026
Net::NSCA::Client versions through 0.009002 for Perl uses a poor random number generator
CVE-2024-57854
Description
Net::NSCA::Client versions through 0.009002 for Perl uses a poor random number generator.
Version v0.003 switched to use Data::Rand::Obscure instead of Crypt::Random for generation of a random initialisation vectors.
Data::Rand::Obscure uses Perl's built-in rand() function, which is not suitable for cryptographic functions.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <=0.009002
- DOUGDUDE/Net::NSCA::Clientv5Range: 0
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.