VDB

GCVE-110-MAGEIA-2013-289

GCVE-110-MAGEIA-2013-289
Advisory Published
Vulnetix · Advisory published September 24, 2013
The Crypt::DSA (aka Crypt-DSA) module 1.17 and earlier for Perl, when /dev/random is absent, uses the Data::Random module, which makes it easier for remote attackers to spoof a signature, or determine the signing key of a signed message, via a brute-force attack (CVE-2011-3599). This update removes the fallback to Data::Random.

Affected Products

VendorProductVersionsPlatforms
Mageiaperl-Crypt-DSA0 (affected), 1.170.0-2.1.mga3 (unaffected)
Mageiaperl-Crypt-DSA1.170.0-1.1.mga2 (unaffected), 0 (affected)

Browse GCVE Records

72,337 records in the GCVE database · Updated July 14, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›