- Description
- In Net::OAuth::Client in the Net::OAuth package before 0.29 for Perl, the default nonce is a 32-bit integer generated from the built-in rand() function, which is not cryptographically strong.
- Source
- cve@mitre.org
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Secondary
- Base score
- 5.3
- Impact score
- 1.4
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
- Severity
- MEDIUM
- Hype score
- Not currently trending
CVE-2025-22376 Perl vulnerability in Net::OAuth::Client package before 0.29, the default nonce is a 32-bit integer generated from the built-in rand() function, which is not cryptographically strong. CVSS3 base 9.8, Impact 5.9, Vector network https://t.co/PM83ZNON0O #perl
@vFeed_IO
7 Jan 2025
72 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Net-OAuth weak PRNG algorithm vulnerability (CVE-2025-22376) #CVE202522376 #CyberSecurity #NetOAuth #PRNG https://t.co/NxV42Oxwtj
@SystemTek_UK
6 Jan 2025
16 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-22376 - Apache Net::OAuth Client Nonce Generation Vulnerability https://t.co/ZXEOpcKIsj
@WhalersLtd
4 Jan 2025
3 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-22376 Weak Nonce Generation Vulnerability in Net::OAuth::Client Pre-0.29 In Net::OAuth::Client within the Net::OAuth package before version 0.29 for Perl, the default nonce uses a 32-bit integer from the... https://t.co/ye0vCS9BTl
@VulmonFeeds
3 Jan 2025
38 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-22376 In Net::OAuth::Client in the Net::OAuth package before 0.29 for Perl, the default nonce is a 32-bit integer generated from the built-in rand() function, which is not … https://t.co/yIT7GrIXTW
@CVEnew
3 Jan 2025
531 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes