{"id":"UBUNTU-CVE-2025-27552","details":"DBIx::Class::EncodedColumn use the rand() function, which is not cryptographically secure to salt password hashes. This vulnerability is associated with program files Crypt/Eksblowfish/Bcrypt.pm. This issue affects DBIx::Class::EncodedColumn until 0.00032.","modified":"2026-01-20T18:17:23.387447Z","published":"2025-03-26T11:15:00Z","upstream":["CVE-2025-27552"],"references":[{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2025-27552"},{"type":"REPORT","url":"https://www.cve.org/CVERecord?id=CVE-2025-27552"},{"type":"REPORT","url":"https://github.com/wreis/DBIx-Class-EncodedColumn/commit/5e9e51f574f7e64e8c014e9e4f00ee8fd87a5335"},{"type":"REPORT","url":"https://metacpan.org/release/WREIS/DBIx-Class-EncodedColumn-0.00032/changes"},{"type":"REPORT","url":"https://security.metacpan.org/docs/guides/random-data-for-security.html"}],"affected":[{"package":{"name":"libdbix-class-encodedcolumn-perl","ecosystem":"Ubuntu:16.04:LTS","purl":"pkg:deb/ubuntu/libdbix-class-encodedcolumn-perl@0.00013-1?arch=source&distro=xenial"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["0.00013-1"],"ecosystem_specific":{"binaries":[{"binary_name":"libdbix-class-encodedcolumn-perl","binary_version":"0.00013-1"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2025/UBUNTU-CVE-2025-27552.json"}},{"package":{"name":"libdbix-class-encodedcolumn-perl","ecosystem":"Ubuntu:18.04:LTS","purl":"pkg:deb/ubuntu/libdbix-class-encodedcolumn-perl@0.00015-1?arch=source&distro=bionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["0.00015-1"],"ecosystem_specific":{"binaries":[{"binary_name":"libdbix-class-encodedcolumn-perl","binary_version":"0.00015-1"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2025/UBUNTU-CVE-2025-27552.json"}},{"package":{"name":"libdbix-class-encodedcolumn-perl","ecosystem":"Ubuntu:20.04:LTS","purl":"pkg:deb/ubuntu/libdbix-class-encodedcolumn-perl@0.00020-1?arch=source&distro=focal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["0.00016-1","0.00020-1"],"ecosystem_specific":{"binaries":[{"binary_name":"libdbix-class-encodedcolumn-perl","binary_version":"0.00020-1"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2025/UBUNTU-CVE-2025-27552.json"}},{"package":{"name":"libdbix-class-encodedcolumn-perl","ecosystem":"Ubuntu:22.04:LTS","purl":"pkg:deb/ubuntu/libdbix-class-encodedcolumn-perl@0.00020-1?arch=source&distro=jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["0.00020-1"],"ecosystem_specific":{"binaries":[{"binary_name":"libdbix-class-encodedcolumn-perl","binary_version":"0.00020-1"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2025/UBUNTU-CVE-2025-27552.json"}},{"package":{"name":"libdbix-class-encodedcolumn-perl","ecosystem":"Ubuntu:24.04:LTS","purl":"pkg:deb/ubuntu/libdbix-class-encodedcolumn-perl@0.00020-2?arch=source&distro=noble"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["0.00020-2"],"ecosystem_specific":{"binaries":[{"binary_name":"libdbix-class-encodedcolumn-perl","binary_version":"0.00020-2"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2025/UBUNTU-CVE-2025-27552.json"}},{"package":{"name":"libdbix-class-encodedcolumn-perl","ecosystem":"Ubuntu:25.10","purl":"pkg:deb/ubuntu/libdbix-class-encodedcolumn-perl@0.00020-3?arch=source&distro=questing"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["0.00020-2","0.00020-3"],"ecosystem_specific":{"binaries":[{"binary_name":"libdbix-class-encodedcolumn-perl","binary_version":"0.00020-3"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2025/UBUNTU-CVE-2025-27552.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"type":"Ubuntu","score":"medium"}]}