
Threats Tagged 'cwe-338'

View all threats tagged with 'cwe-338'. Filter and sort to focus on specific types of threats.


CVE-2026-9733: CWE-340 Generation of Predictable Numbers or Identifiers in HAYAJO Mojolicious::Plugin::Web::Auth::OAuth2

Mojolicious::Plugin::Web::Auth::OAuth2 versions through 0.17 for Perl have an insecure default state parameter. When no state generator is specified in the constructor, the module defaults to using a SHA-1 hash of predictable and low-entropy sources, including the epoch time (which is leaked via the HTTP Date header) and a call to Perl's built-in rand function. A predictable state allows an attacker to hijack another user's session through cross-site request forgery (CSRF).

CVE-2026-56141: CWE-338 in JetBrains Hub

In JetBrains Hub before 2026.1.13757, 2025.3.148033, 2025.2.148048, 2025.1.148120, 2024.3.148430, and 2024.2.148429, account takeover via predictable restore codes was possible.

CVE-2026-9692: CWE-340 Generation of Predictable Numbers or Identifiers in HAYAJO Mojolicious::Sessions::Storable

Mojolicious::Sessions::Storable versions through 0.05 for Perl generate session ids insecurely. The default session id generator returns a SHA-1 hash seeded with the built-in rand function, the epoch time, the heap address of an anonymous hash, and the PID. These are predictable or low-entropy sources that are unsuitable for security purposes.

CVE-2026-11832: CWE-338 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) in BIAFRA Dancer2::Plugin::Auth::OAuth

Dancer2::Plugin::Auth::OAuth versions before 0.22 for Perl use a predictable nonce generated by hashing the epoch time with MD5, which is a cryptographically weak pseudo-random number generator. This vulnerability (CVE-2026-11832) can lead to compromised confidentiality and integrity of authentication tokens. The CVSS score is 9.1, indicating a critical severity level. No official patch or remediation guidance is currently provided by the vendor.

CVE-2026-9638: CWE-338 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) in ARODLAND Crypt::PBKDF2

Crypt::PBKDF2 versions before 0.261630 for Perl use a cryptographically weak pseudo-random number generator for salt generation. Specifically, these versions rely on the built-in rand function, which is predictable and unsuitable for cryptographic purposes. This weakness can compromise the security of derived keys by making salts guessable.

CVE-2026-46493: CWE-338: Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) in haxtheweb haxcms-php

HAX CMS helps manage a universe of microsites with PHP or NodeJs backends. Versions prior to 26.0.1 use `uniqid` for generating salts, which is unsuitable for that purpose. Version 26.0.1 fixes the issue.

CVE-2026-11347: CWE-321: Use of Hard-coded Cryptographic Key in linqi GmbH linqi

The linqi application contains hardcoded cryptographic keys. Additionally, the application uses a weak algorithm with a limited ASCII charset to dynamically generate Initialization Vectors (IVs) for AES/CBC encryption, making known-plaintext attacks feasible. An attacker with local access can leverage these vulnerabilities to decrypt sensitive obfuscated strings, including ConnectionString values containing database credentials from appsettings.json.

CVE-2026-41858: CWE-338: Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) in Cloud Foundry Foundation windows-utilities-release

Weak Randomness / Insecure Cryptographic Primitive (CWE-338) in Get-RandomPassword in BOSH-Ecosystem / windows-utilities-release allows a network attacker to estimate VM boot time and reconstruct a small candidate list to recover the Administrator password. The randomize_password job exists solely to lock the local Administrator account behind an unguessable password as a hardening control. Because the password is derived from a predictable, clock-seeded PRNG, a network attacker who can estimate VM boot time can reconstruct a small candidate list and recover the Administrator password, defeating the hardening control.

Affected versions:
- windows-utilities-release: all versions prior to v0.23.0 (inclusive); fixed in v0.23.0 or later

CVE-2026-8647: CWE-338 Use of Cryptographically Weak Pseudo-Random Number Generator in MIK Crypt::ScryptKDF

CVE-2026-8647 is a medium severity vulnerability in the Perl module Crypt::ScryptKDF versions through 0.010. The module uses an insecure random number source when no cryptographically secure pseudo-random number generator (CSPRNG) module is available. Specifically, the random_bytes function falls back to the built-in rand() function, which is not cryptographically secure. This weakness can reduce the effectiveness of cryptographic operations relying on this module.
