QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2025-40916

Back to search

CVE-2025-40916

Published: Jun 16, 2025

Modified: Jun 16, 2025

PUBLISHED

Description

Mojolicious::Plugin::CaptchaPNG version 1.05 for Perl uses a weak random number source for generating the captcha. That version uses the built-in rand() function for generating the captcha text as well as image noise, which is insecure.

VendorProductVersions

GRYPHON

Mojolicious::Plugin::CaptchaPNG

affected
1.05

Weaknesses (CWE)

CWE-338
CWE-804

References

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now