Net-OAuth weak PRNG algorithm vulnerability (CVE-2025-22376)
In Net::OAuth::Client in the Net::OAuth package before 0.29 for Perl, the default nonce is a 32-bit integer generated from the built-in rand() function, which is not cryptographically strong.
CVE number CVE-2025-22376 has been assigned to this vulnerability.
Further information – https://metacpan.org/release/RRWO/Net-OAuth-0.29/changes
Blogger at www.systemtek.co.uk