216.73.217.80

CVE-2025-27552

· Published 26/03/2025 11:15 · Modified 27/03/2025 16:45

Labels: CVE-2025-27552 2025-03-269b29abf9-4ab0-4765-b253-1875cd9b441eCVE-2025-27552CWE-338

Essential information

Published
26/03/2025 11:15
Modified
27/03/2025 16:45
Author
Creator
CVSS
4.0 MEDIUM (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CVSS metrics

Description

DBIx::Class::EncodedColumn use the rand() function, which is not cryptographically secure to salt password hashes. This vulnerability is associated with program files Crypt/Eksblowfish/Bcrypt.pm. This issue affects DBIx::Class::EncodedColumn until 0.00032.

NVD status

Status
Awaiting Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source
9b29abf9-4ab0-4765-b253-1875cd9b441e
NVD
View on NVD

Affected products (CPE)

ProductCPE
dbix-class / encodedcolumn cpe:2.3:a:dbix-class:encodedcolumn:<0.00032:*:*:*:*:*:*:*

References