perl-Crypt-URandom (SUSE:Linux Enterprise Server LTSS Extended Security 12 SP5) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Server LTSS Extended Security 12 SP5 package perl-Crypt-URandom, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (2)
CVE-2026-2474 — CVSS 7.5 (high): Crypt::URandom versions from 0.41 before 0.55 for Perl is vulnerable to a heap buffer overflow in the XS function crypt_urandom_getrandom()…
CVE-2025-40918 — CVSS 6.5 (medium): Authen::SASL::Perl::DIGEST_MD5 versions 2.04 through 2.1800 for Perl generates the cnonce insecurely. The cnonce (client nonce) is…