Vulnerability Description
Crypt::DSA versions before 1.20 for Perl generate seeds using rand. Seeds were generated using Perl's built-in rand function, which is predictable and unsuitable for security usage.
CVSS Score
7.3
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Related Weaknesses (CWE)
References
- https://metacpan.org/release/TIMLEGGE/Crypt-DSA-1.20/changes
- https://metacpan.org/release/TIMLEGGE/Crypt-DSA-1.20/diff/TIMLEGGE/Crypt-DSA-1.1
- http://www.openwall.com/lists/oss-security/2026/05/15/26
FAQ
What is CVE-2026-8700?
CVE-2026-8700 is a vulnerability with a CVSS score of 7.3 (HIGH). Crypt::DSA versions before 1.20 for Perl generate seeds using rand. Seeds were generated using Perl's built-in rand function, which is predictable and unsuitable for security usage.
How severe is CVE-2026-8700?
CVE-2026-8700 has been rated HIGH with a CVSS base score of 7.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2026-8700?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.