High severity7.7NVD Advisory· Published Mar 28, 2025· Updated Apr 15, 2026
CVE-2025-1860
CVE-2025-1860
Description
Data::Entropy for Perl 0.007 and earlier use the rand() function as the default source of entropy, which is not cryptographically secure, for cryptographic functions.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
5<=0.007+ 1 more
- (no CPE)range: <=0.007
- (no CPE)range: <=0.007
- osv-coords3 versionspkg:rpm/opensuse/perl-Data-Entropy&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/perl-Data-Entropy&distro=openSUSE%20Tumbleweedpkg:rpm/suse/perl-Data-Entropy&distro=SUSE%20Package%20Hub%2015%20SP6
< 0.8.0-bp156.4.3.1+ 2 more
- (no CPE)range: < 0.8.0-bp156.4.3.1
- (no CPE)range: < 0.8.0-1.1
- (no CPE)range: < 0.8.0-bp156.4.3.1
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.