VYPR

CWE-338

Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)

Abstraction: Base | Status: Draft | Likelihood: Medium

Description

The product uses a Pseudo-Random Number Generator (PRNG) in a security context, but the PRNG's algorithm is not cryptographically strong.

Hierarchy (View 1000)

Parents

Children

none

CVEs mapped to this weakness (109)

page 4 of 6
  • CVE-2009-3238 | Med | Sep 18, 2009
    risk 0.36, cvss 5.5, epss 0.02

    The get_random_int function in drivers/char/random.c in the Linux kernel before 2.6.30 produces insufficiently random numbers, which allows attackers to predict the return value, and possibly defeat protection mechanisms based on randomization, via vectors that leverage the…

  • CVE-2026-8503 | Med | May 15, 2026
    risk 0.35, cvss 6.5, epss 0.00

    Apache::Session::Generate::SHA256 versions before 1.3.19 for Perl create insecure session ids. Apache::Session::Generate::SHA256 generated session ids insecurely. The default session id generator returns a SHA-256 hash of the built-in rand() function, the epoch time, and the…

  • CVE-2025-40924 | Med | Jul 17, 2025
    risk 0.35, cvss 6.5, epss 0.00

    Catalyst::Plugin::Session before version 0.44 for Perl generates session ids insecurely. The session id is generated from a (usually SHA-1) hash of a simple counter, the epoch time, the built-in rand function, the PID and the current Catalyst context. This information is of low…

  • CVE-2025-40918 | Med | Jul 16, 2025
    risk 0.35, cvss 6.5, epss 0.00

    Authen::SASL::Perl::DIGEST_MD5 versions 2.04 through 2.1800 for Perl generate the cnonce insecurely. The cnonce (client nonce) is generated from an MD5 hash of the PID, the epoch time and the built-in rand function. The PID will come from a small set of numbers, and the epoch…

  • CVE-2024-56830 | Med | Jan 2, 2025
    risk 0.35, cvss 5.4, epss 0.00

    The Net::EasyTCP package 0.15 through 0.26 for Perl uses Perl's builtin rand() if no strong randomization module is present.

  • CVE-2002-20002 | Med | Jan 2, 2025
    risk 0.35, cvss 5.4, epss 0.00

    The Net::EasyTCP package before 0.15 for Perl always uses Perl's builtin rand(), which is not a strong random number generator, for cryptographic keys.

  • CVE-2026-6146 | Med | May 11, 2026
    risk 0.34, cvss 5.3, epss 0.00

    Amazon::Credentials versions through 1.2.0 for Perl use rand to generate encryption keys. Amazon::Credentials stores credentials in an obfuscated form to prevent access to the secrets from a data dump of the object. Before version 1.3.0, the secrets were encrypted using a…

  • CVE-2026-5083 | Med | Apr 8, 2026
    risk 0.34, cvss 5.3, epss 0.00

    Ado::Sessions versions through 0.935 for Perl generate insecure session ids. The session id is generated from a SHA-1 hash seeded with the built-in rand function, the epoch time, and the PID. The PID will come from a small set of numbers, and the epoch time may be guessed, if…

  • CVE-2026-5082 | Med | Apr 8, 2026
    risk 0.34, cvss 5.3, epss 0.00

    Amon2::Plugin::Web::CSRFDefender versions from 7.00 through 7.03 for Perl generate an insecure session id. The generate_session_id function will attempt to read bytes from the /dev/urandom device, but if that is unavailable then it generates bytes using SHA-1 hash seeded with…

  • CVE-2025-1805 | Med | Apr 2, 2025
    risk 0.34, cvss 5.3, epss 0.00

    Crypt::Salt for Perl version 0.01 uses the insecure rand() function when generating salts for cryptographic purposes.

  • CVE-2025-21617 | Med | Jan 6, 2025
    risk 0.34, cvss (not listed), epss 0.00

    Guzzle OAuth Subscriber signs Guzzle requests using OAuth 1.0. Prior to 0.8.1, Nonce generation does not use sufficient entropy nor a cryptographically secure pseudorandom source. This can leave servers vulnerable to replay attacks when TLS is not used. This vulnerability is…

  • CVE-2023-50059 | Med | Apr 30, 2024
    risk 0.34, cvss 5.3, epss 0.00

    An issue in galxe.com Galxe platform 1.0 allows a remote attacker to obtain sensitive information via the Web3 authentication process of Galxe; the signed message lacks a nonce (random number).

  • CVE-2026-8647 | Med | May 26, 2026
    risk 0.31, cvss 4.8, epss 0.00

    Crypt::ScryptKDF versions through 0.010 for Perl use an insecure random number source when no CSPRNG module is available. The random_bytes function fell back to using the built-in rand() function when none of the Perl modules Crypt::PRNG, Crypt::OpenSSL::Random, Net::SSLeay,…

  • CVE-2024-45751 | Med | Sep 6, 2024
    risk 0.31, cvss 5.9, epss 0.01

    tgt (aka Linux target framework) before 1.0.93 attempts to achieve entropy by calling rand without srand. The PRNG seed is always 1, and thus the sequence of challenges is always identical.

  • CVE-2024-58135 | Med | May 3, 2025
    risk 0.28, cvss 5.3, epss 0.00

    Mojolicious versions from 7.28 through 9.45 for Perl will generate weak HMAC session cookie secrets via "mojo generate app" by default. When creating a default app skeleton with the "mojo generate app" tool, a weak secret is written to the application's configuration file using…

  • CVE-2017-16028 | Med | Jun 4, 2018
    risk 0.28, cvss 5.3, epss 0.01

    react-native-meteor-oauth is a library for OAuth2 login to a Meteor server in React Native. The OAuth random token is generated using a non-cryptographically strong RNG (Math.random()).

  • CVE-2025-22376 | Med | Jan 3, 2025
    risk 0.27, cvss 5.3, epss 0.01

    In Net::OAuth::Client in the Net::OAuth package before 0.29 for Perl, the default nonce is a 32-bit integer generated from the built-in rand() function, which is not cryptographically strong.

  • CVE-2025-27552 | Med | Mar 26, 2025
    risk 0.26, cvss 4.0, epss 0.00

    DBIx::Class::EncodedColumn uses the rand() function, which is not cryptographically secure, to salt password hashes. This vulnerability is associated with program files Crypt/Eksblowfish/Bcrypt.pm. This issue affects DBIx::Class::EncodedColumn until 0.00032.

  • CVE-2025-27551 | Med | Mar 26, 2025
    risk 0.26, cvss 4.0, epss 0.00

    DBIx::Class::EncodedColumn uses the rand() function, which is not cryptographically secure, to salt password hashes. This vulnerability is associated with program files lib/DBIx/Class/EncodedColumn/Digest.pm. This issue affects DBIx::Class::EncodedColumn until 0.00032.

  • CVE-2017-11671 | Med | Jul 26, 2017
    risk 0.26, cvss 4.0, epss 0.00

    Under certain circumstances, the ix86_expand_builtin function in i386.c in GNU Compiler Collection (GCC) version 4.6, 4.7, 4.8, 4.9, 5 before 5.5, and 6 before 6.4 will generate instruction sequences that clobber the status flag of the RDRAND and RDSEED intrinsics before it can…