Security Advisory

CVE-2024-57854

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-03-05 02:18:25
Last updated 2026-03-05 16:41:19
Assigner CPANSec
State PUBLISHED

Description

Net::NSCA::Client versions through 0.009002 for Perl uses a poor random number generator. Version v0.003 switched to use Data::Rand::Obscure instead of Crypt::Random for generation of a random initialisation vectors. Data::Rand::Obscure uses Perls built-in rand() function, which is not suitable for cryptographic functions.