The Crypt::Random::Source package before 0.13 for Perl has a fallback to the built-in rand() function, which is not a secure source of random bits.
{ "binaries": [ { "binary_version": "0.11-2", "binary_name": "libcrypt-random-source-perl" } ] }
{ "binaries": [ { "binary_version": "0.12-1", "binary_name": "libcrypt-random-source-perl" } ] }