Security Advisories (1)
CVE-2026-13082 (2026-07-17)

GD::SecurityImage versions through 1.75 for Perl use rand to generate secrets. The random method creates the challenge text used for the CAPTCHA by sampling characters from an array using Perl's built-in rand function, and generates a (by default) six-character string. The built-in rand function is unsuitable for security applications because it is predictable and reversible.

NAME

GD::SecurityImage::Magick - Image::Magick backend for GD::SecurityImage.

SYNOPSIS

See GD::SecurityImage.

DESCRIPTION

Includes GD method emulations for Image::Magick.

Used internally by GD::SecurityImage. Nothing public here.

SEE ALSO

GD::SecurityImage.

AUTHOR

Burak Gürsoy, <burak@cpan.org>

COPYRIGHT

Copyright 2004-2005 Burak Gürsoy. All rights reserved.

LICENSE

This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself.

1 POD Error

The following errors were encountered while parsing the POD:

Around line 195:

Non-ASCII character seen before =encoding in 'Gürsoy,'. Assuming CP1252