Crypt Dsa

CVEs (3)

CVE	Vendor / Product	Sev	Risk	CVSS	Published	Description
CVE-2026-8700	Adam Kennedy Crypt Dsa	Hig	0.47	7.3	May 15, 2026	Crypt::DSA versions before 1.20 for Perl generate seeds using rand. Seeds were generated using Perl's built-in rand function, which is predictable and unsuitable for security usage.
CVE-2026-8704	Adam Kennedy Crypt Dsa	Med	0.42	6.5	May 15, 2026	Crypt::DSA versions through 1.19 for Perl use 2-args open, allowing existing files to be modified.
CVE-2011-3599	Adam Kennedy Crypt Dsa		0.00	—	Oct 10, 2011	The Crypt::DSA (aka Crypt-DSA) module 1.17 and earlier for Perl, when /dev/random is absent, uses the Data::Random module, which makes it easier for remote attackers to spoof a signature, or determine the signing key of a signed message, via a brute-force attack.

CVE-2026-8700HigMay 15, 2026
Adam Kennedy
Crypt Dsa
risk 0.47cvss 7.3epss 0.00
Crypt::DSA versions before 1.20 for Perl generate seeds using rand. Seeds were generated using Perl's built-in rand function, which is predictable and unsuitable for security usage.
CVE-2026-8704MedMay 15, 2026
Adam Kennedy
Crypt Dsa
risk 0.42cvss 6.5epss 0.00
Crypt::DSA versions through 1.19 for Perl use 2-args open, allowing existing files to be modified.
CVE-2011-3599Oct 10, 2011
Adam Kennedy
Crypt Dsa
risk 0.00cvss —epss 0.00
The Crypt::DSA (aka Crypt-DSA) module 1.17 and earlier for Perl, when /dev/random is absent, uses the Data::Random module, which makes it easier for remote attackers to spoof a signature, or determine the signing key of a signed message, via a brute-force attack.