Skip to main content

Authen

2 CVEs product

Monthly

CVE-2026-46473 HIGH PATCH This Week

Authen::TOTP versions before 0.1.1 for Perl generate secrets using rand. Secrets were generated using Perl's built-in rand function, which is predictable and unsuitable for security usage.

Information Disclosure Authen
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2012-2770 MEDIUM PATCH This Month

The Authen::ExternalAuth extension before 0.11 for Best Practical Solutions RT allows remote attackers to obtain a logged-in session via unspecified vectors related to the "URL of a RSS feed of the. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Privilege Escalation Authen
NVD
CVSS 2.0
5.0
EPSS
0.3%
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Authen::TOTP versions before 0.1.1 for Perl generate secrets using rand. Secrets were generated using Perl's built-in rand function, which is predictable and unsuitable for security usage.

Information Disclosure Authen
NVD GitHub VulDB
EPSS 0% CVSS 5.0
MEDIUM PATCH This Month

The Authen::ExternalAuth extension before 0.11 for Best Practical Solutions RT allows remote attackers to obtain a logged-in session via unspecified vectors related to the "URL of a RSS feed of the. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Privilege Escalation Authen
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy