VYPR
Unrated severityOSV Advisory· Published Jul 18, 2026

Debian libgd-securityimage-perl: GD::SecurityImage versions through 1.75 for Perl use rand to generate secrets. …

CVE-2026-13082

Description

GD::SecurityImage versions through 1.75 for Perl use rand to generate secrets. The random method creates the challenge text used for the CAPTCHA by sampling characters from an array using Perl's built-in rand function, and generates a (by default) six-character string. The built-in rand function is unsuitable for security applications because it is predictable and reversible.

Affected products

2

Patches

Vulnerability mechanics

News mentions

0

No linked articles in our index yet.