Unrated severityNVD Advisory· Published Mar 5, 2026· Updated Mar 5, 2026
Net::NSCA::Client versions through 0.009002 for Perl uses a poor random number generator
CVE-2024-57854
Description
Net::NSCA::Client versions through 0.009002 for Perl uses a poor random number generator.
Version v0.003 switched to use Data::Rand::Obscure instead of Crypt::Random for generation of a random initialisation vectors.
Data::Rand::Obscure uses Perl's built-in rand() function, which is not suitable for cryptographic functions.
Affected products
2- Range: <=0.009002
- DOUGDUDE/Net::NSCA::Clientv5Range: 0
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2News mentions
0No linked articles in our index yet.