Lucene search
K

8 matches found

Tenable Nessus
Tenable Nessus
added 2025/09/16 12:0 a.m.4 views

Fedora 42 : perl-Catalyst-Plugin-Session (2025-90d5989bee)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-90d5989bee advisory. This update upgrade the package to version 0.44. This version fixes CVE-2025-40924 by using Crypt::SysRandom to generate properly random session IDs. Tenable...

6.5CVSS5.5AI score0.00252EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2025/09/16 12:0 a.m.6 views

Fedora: Security Advisory (FEDORA-2025-90d5989bee)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.8AI score0.00252EPSS
Exploits0References3
NVD
NVD
added 2025/07/17 2:15 p.m.7 views

CVE-2025-40924

Catalyst::Plugin::Session before version 0.44 for Perl generates session ids insecurely. The session id is generated from a usually SHA-1 hash of a simple counter, the epoch time, the built-in rand function, the PID and the current Catalyst context. This information is of low entropy. The PID wil...

6.5CVSS0.00252EPSS
Exploits0References3
OSV
OSV
added 2025/07/17 2:15 p.m.6 views

CVE-2025-40924

Catalyst::Plugin::Session before version 0.44 for Perl generates session ids insecurely. The session id is generated from a usually SHA-1 hash of a simple counter, the epoch time, the built-in rand function, the PID and the current Catalyst context. This information is of low entropy. The PID wil...

6.5CVSS7AI score
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/07/17 1:33 p.m.2 views

CVE-2025-40924 Catalyst::Plugin::Session before version 0.44 for Perl generates session ids insecurely

Catalyst::Plugin::Session before version 0.44 for Perl generates session ids insecurely. The session id is generated from a usually SHA-1 hash of a simple counter, the epoch time, the built-in rand function, the PID and the current Catalyst context. This information is of low entropy. The PID wil...

7AI score0.00252EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2025/07/17 1:33 p.m.4 views

CVE-2025-40924

Catalyst::Plugin::Session before version 0.44 for Perl generates session ids insecurely. The session id is generated from a usually SHA-1 hash of a simple counter, the epoch time, the built-in rand function, the PID and the current Catalyst context. This information is of low entropy. The PID wil...

6.5CVSS5.3AI score0.00252EPSS
Exploits0
CVE
CVE
added 2025/07/17 1:33 p.m.31 views

CVE-2025-40924

CVE-2025-40924 concerns Catalyst::Plugin::Session for Perl, where session IDs are generated from a low-entropy mix (typically a SHA-1 hash of a counter, epoch time, rand(), PID, and Catalyst context). Multiple sources (NVD entry and OSV-facing disclosures) confirm the underlying cause and the ris...

6.5CVSS6.5AI score0.00252EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2025/07/17 12:0 a.m.4 views

CVE-2025-40924

Catalyst::Plugin::Session before version 0.44 for Perl generates session ids insecurely. The session id is generated from a usually SHA-1 hash of a simple counter, the epoch time, the built-in rand function, the PID and the current Catalyst context. This information is of low entropy. The PID wil...

6.5CVSS5.8AI score0.00252EPSS
Exploits0References4
Rows per page
Query Builder