admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-12-30 05:58:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2025-04-05 17:00:36 +00:00
parent 9211366ba8
commit 4ec013dbfd
No known key found for this signature in database
GPG Key ID: BC5FD8F2443B23B7
3 changed files with 250 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

99
2024/52xxx/CVE-2024-52322.json
View File

@ -1,18 +1,107 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-52322",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve-request@security.metacpan.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "WebService::Xero 0.11 and earlier for Perl uses the rand() function as the default source of entropy, which is not cryptographically secure, for cryptographic functions.\n\nSpecifically WebService::Xero uses the Data::Random library which specifically states that it is \"Useful mostly for test programs\". Data::Random uses the rand() function."
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-338 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)",
"cweId": "CWE-338"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "LOCALSHOP",
"product": {
"product_data": [
{
"product_name": "WebService::Xero",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "0.11"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://perldoc.perl.org/functions/rand",
"refsource": "MISC",
"name": "https://perldoc.perl.org/functions/rand"
},
{
"url": "https://security.metacpan.org/docs/guides/random-data-for-security.html",
"refsource": "MISC",
"name": "https://security.metacpan.org/docs/guides/random-data-for-security.html"
},
{
"url": "https://metacpan.org/release/BAREFOOT/Data-Random-0.13/source/lib/Data/Random.pm#L537",
"refsource": "MISC",
"name": "https://metacpan.org/release/BAREFOOT/Data-Random-0.13/source/lib/Data/Random.pm#L537"
},
{
"url": "https://metacpan.org/release/LOCALSHOP/WebService-Xero-0.11/source/lib/WebService/Xero/Agent.pm#L17",
"refsource": "MISC",
"name": "https://metacpan.org/release/LOCALSHOP/WebService-Xero-0.11/source/lib/WebService/Xero/Agent.pm#L17"
},
{
"url": "https://metacpan.org/release/LOCALSHOP/WebService-Xero-0.11/source/lib/WebService/Xero/Agent.pm#L178",
"refsource": "MISC",
"name": "https://metacpan.org/release/LOCALSHOP/WebService-Xero-0.11/source/lib/WebService/Xero/Agent.pm#L178"
},
{
"url": "https://metacpan.org/release/LOCALSHOP/WebService-Xero-0.11/source/lib/WebService/Xero/Agent/PublicApplication.pm#L13",
"refsource": "MISC",
"name": "https://metacpan.org/release/LOCALSHOP/WebService-Xero-0.11/source/lib/WebService/Xero/Agent/PublicApplication.pm#L13"
},
{
"url": "https://metacpan.org/release/LOCALSHOP/WebService-Xero-0.11/source/lib/WebService/Xero/Agent/PublicApplication.pm#L93",
"refsource": "MISC",
"name": "https://metacpan.org/release/LOCALSHOP/WebService-Xero-0.11/source/lib/WebService/Xero/Agent/PublicApplication.pm#L93"
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"discovery": "UNKNOWN"
},
"credits": [
{
"lang": "en",
"value": "Robert Rothenberg (RRWO)"
}
]
}

76
2024/57xxx/CVE-2024-57835.json
View File

@ -1,18 +1,86 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-57835",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve-request@security.metacpan.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Amon2::Auth::Site::LINE uses the String::Random module\u00a0to generate nonce values.\u00a0\n\nString::Random\u00a0defaults to Perl's built-in predictable\u00a0random number generator,\u00a0the rand() function, which is not cryptographically secure"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-338 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)",
"cweId": "CWE-338"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "TANIGUCHI",
"product": {
"product_data": [
{
"product_name": "Amon2::Auth::Site::LINE",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "0.04"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://metacpan.org/release/SHLOMIF/String-Random-0.32/source/lib/String/Random.pm#L377",
"refsource": "MISC",
"name": "https://metacpan.org/release/SHLOMIF/String-Random-0.32/source/lib/String/Random.pm#L377"
},
{
"url": "https://metacpan.org/release/TANIGUCHI/Amon2-Auth-Site-LINE-0.04/source/lib/Amon2/Auth/Site/LINE.pm#L235",
"refsource": "MISC",
"name": "https://metacpan.org/release/TANIGUCHI/Amon2-Auth-Site-LINE-0.04/source/lib/Amon2/Auth/Site/LINE.pm#L235"
},
{
"url": "https://metacpan.org/release/TANIGUCHI/Amon2-Auth-Site-LINE-0.04/source/lib/Amon2/Auth/Site/LINE.pm#L255",
"refsource": "MISC",
"name": "https://metacpan.org/release/TANIGUCHI/Amon2-Auth-Site-LINE-0.04/source/lib/Amon2/Auth/Site/LINE.pm#L255"
},
{
"url": "https://security.metacpan.org/docs/guides/random-data-for-security.html",
"refsource": "MISC",
"name": "https://security.metacpan.org/docs/guides/random-data-for-security.html"
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"discovery": "UNKNOWN"
}
}

89
2024/58xxx/CVE-2024-58036.json
View File

@ -1,18 +1,97 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-58036",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve-request@security.metacpan.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Net::Dropbox::API 1.9 and earlier for Perl uses the rand() function as the default source of entropy, which is not cryptographically secure, for cryptographic functions.\n\nSpecifically Net::Dropbox::API uses the Data::Random library which specifically states that it is \"Useful mostly for test programs\". Data::Random uses the rand() function."
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-338 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)",
"cweId": "CWE-338"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "NORBU",
"product": {
"product_data": [
{
"product_name": "Net::Dropbox::API",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "1.9"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://perldoc.perl.org/functions/rand",
"refsource": "MISC",
"name": "https://perldoc.perl.org/functions/rand"
},
{
"url": "https://security.metacpan.org/docs/guides/random-data-for-security.html",
"refsource": "MISC",
"name": "https://security.metacpan.org/docs/guides/random-data-for-security.html"
},
{
"url": "https://metacpan.org/release/BAREFOOT/Data-Random-0.13/source/lib/Data/Random.pm#L537",
"refsource": "MISC",
"name": "https://metacpan.org/release/BAREFOOT/Data-Random-0.13/source/lib/Data/Random.pm#L537"
},
{
"url": "https://metacpan.org/release/NORBU/Net-Dropbox-API-1.9/source/lib/Net/Dropbox/API.pm#L385",
"refsource": "MISC",
"name": "https://metacpan.org/release/NORBU/Net-Dropbox-API-1.9/source/lib/Net/Dropbox/API.pm#L385"
},
{
"url": "https://metacpan.org/release/NORBU/Net-Dropbox-API-1.9/source/lib/Net/Dropbox/API.pm#L11",
"refsource": "MISC",
"name": "https://metacpan.org/release/NORBU/Net-Dropbox-API-1.9/source/lib/Net/Dropbox/API.pm#L11"
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"discovery": "UNKNOWN"
},
"credits": [
{
"lang": "en",
"value": "Robert Rothenberg (RRWO)"
}
]
}