UBUNTU-CVE-2025-27551
- Source
- https://ubuntu.com/security/CVE-2025-27551
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2025/UBUNTU-CVE-2025-27551.json
- JSON Data
- https://api.osv.dev/v1/vulns/UBUNTU-CVE-2025-27551
- Upstream
- Published
- 2025-03-26T11:15:00Z
- Modified
- 2025-10-10T15:26:15Z
- Severity
-
- 4.0 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVSS Calculator
- Ubuntu - medium
- Summary
- [none]
- Details
-
DBIx::Class::EncodedColumn use the rand() function, which is not cryptographically secure to salt password hashes. This vulnerability is associated with program files lib/DBIx/Class/EncodedColumn/Digest.pm. This issue affects DBIx::Class::EncodedColumn until 0.00032.
- References
-
- https://ubuntu.com/security/CVE-2025-27551
- https://www.cve.org/CVERecord?id=CVE-2025-27551
- https://github.com/wreis/DBIx-Class-EncodedColumn/commit/5e9e51f574f7e64e8c014e9e4f00ee8fd87a5335
- https://metacpan.org/release/WREIS/DBIx-Class-EncodedColumn-0.00032/changes
- https://security.metacpan.org/docs/guides/random-data-for-security.html