Adam Kennedy : Security Vulnerabilities, CVEs,
The Crypt::DSA (aka Crypt-DSA) module 1.17 and earlier for Perl, when /dev/random is absent, uses the Data::Random module, which makes it easier for remote attackers to spoof a signature, or determine the signing key of a signed message, via a brute-force attack.
Max CVSS
5.8
EPSS Score
0.42%
Published
2011-10-10
Updated
2011-10-21
1 vulnerabilities found