CVE-2025-15618 — Business::OnlinePayment::StoredTransaction versions through 0.01 for Perl uses…

March 31, 2026 11:27 /MEDIUM

vulnerabilitycve

🚨 CVE-2025-15618 Business::OnlinePayment::StoredTransaction versions through 0.01 for Perl uses an insecure secret key.

Business::OnlinePayment::StoredTransaction generates a secret key by using a MD5 hash of a single call to the built-in rand function, which is unsuitable for cryptographic use.

This key is intended for encrypting credit card transaction data.

🎖@cveNotify

Found this interesting? Follow us on LinkedIn to stay ahead.

Follow Shimi Cohen Follow Shimi's Cyber World