Unrated severityOSV Advisory· Published Jul 18, 2026
Debian libgd-securityimage-perl: GD::SecurityImage versions through 1.75 for Perl use rand to generate secrets. …
CVE-2026-13082
Description
GD::SecurityImage versions through 1.75 for Perl use rand to generate secrets. The random method creates the challenge text used for the CAPTCHA by sampling characters from an array using Perl's built-in rand function, and generates a (by default) six-character string. The built-in rand function is unsuitable for security applications because it is predictable and reversible.
Affected products
2- Range: v1.75, v1.74, v1.73, …
- Range: <=1.75
Patches
Vulnerability mechanics
News mentions
0No linked articles in our index yet.