CVE-2014-125112

🗓️ 26 Mar 2026 02:04:10Reported by CPANSecType

CVE-2014-125112: Plack::Middleware::Session::Cookie up to 0.21 enables remote code execution via unsigned cookie deserialization.

Reporter	Title	Published	Views	Family All 15
ATTACKERKB	CVE-2014-125112	26 Mar 202602:04	–	attackerkb
Circl	CVE-2014-125112	26 Mar 202603:36	–	circl
CNNVD	Plack::Middleware::Session::Cookie 安全漏洞	26 Mar 202600:00	–	cnnvd
Cvelist	CVE-2014-125112 Plack::Middleware::Session::Cookie versions through 0.21 for Perl allows remote code execution	26 Mar 202602:04	–	cvelist
Debian CVE	CVE-2014-125112	26 Mar 202602:04	–	debiancve
EUVD	EUVD-2014-9820	26 Mar 202603:30	–	euvd
NVD	CVE-2014-125112	26 Mar 202603:16	–	nvd
OSV	DEBIAN-CVE-2014-125112	26 Mar 202603:16	–	osv
OSV	UBUNTU-CVE-2014-125112	26 Mar 202603:16	–	osv
Positive Technologies	PT-2026-28191	1 Jan 201400:00	–	ptsecurity

NVD

Node

miyagawa plack::middleware::session::cookieRange<0.23perl

[
  {
    "collectionURL": "https://cpan.org/modules",
    "defaultStatus": "unaffected",
    "packageName": "Plack-Middleware-Session",
    "product": "Plack::Middleware::Session::Cookie",
    "repo": "https://github.com/plack/Plack-Middleware-Session",
    "vendor": "MIYAGAWA",
    "versions": [
      {
        "lessThanOrEqual": "0.21",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
metacpan	www.metacpan.org/release/MIYAGAWA/Plack-Middleware-Session-0.23-TRIAL/changes
gist	www.gist.github.com/miyagawa/2b8764af908a0dacd43d
openwall	www.openwall.com/lists/oss-security/2026/03/26/2

17 Jun 2026 00:04Current

6.4Medium risk

Vulners AI Score6.4

CVSS 3.19.8

EPSS0.0083

SSVC

CWE-565