rpm package
opensuse/perl-Authen-SASL&distro=openSUSE Leap 16.0
pkg:rpm/opensuse/perl-Authen-SASL&distro=openSUSE%20Leap%2016.0
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-40918 | Med | 6.5 | < 2.170.0-160000.3.1 | 2.170.0-160000.3.1 | Jul 16, 2025 | Authen::SASL::Perl::DIGEST_MD5 versions 2.04 through 2.1800 for Perl generates the cnonce insecurely. The cnonce (client nonce) is generated from an MD5 hash of the PID, the epoch time and the built-in rand function. The PID will come from a small set of numbers, and the epoch t |
- affected < 2.170.0-160000.3.1fixed 2.170.0-160000.3.1
Authen::SASL::Perl::DIGEST_MD5 versions 2.04 through 2.1800 for Perl generates the cnonce insecurely. The cnonce (client nonce) is generated from an MD5 hash of the PID, the epoch time and the built-in rand function. The PID will come from a small set of numbers, and the epoch t