60 matches found
CVE-2026-45180 Catalyst::Plugin::Statsd versions through 0.10.0 for Perl may leak session ids
Catalyst::Plugin::Statsd versions through 0.10.0 for Perl may leak session ids. If the communication channel to the statsd daemon is not secured for example, by sending UDP packets to a host on another network, then users' session ids may be leaked. This may allow an attacker to use session ids a...
PT-2026-39537
Name of the Vulnerable Software and Affected Versions Catalyst::Plugin::Statsd versions prior to 0.10.0 Description Catalyst::Plugin::Statsd for Perl may leak session ids. This occurs if the communication channel to the statsd daemon is not secured, such as when sending UDP packets to a host on...
Catalyst::Plugin::Statsd 安全漏洞
Catalyst::Plugin::Statsd is a plugin module by Robert Rothenberg, an individual developer, for capturing application runtime metrics and sending them to a statistics system. A security vulnerability exists in Catalyst::Plugin::Statsd 0.10.0 and earlier versions, which stems from an unencrypted...
EUVD-2018-13819
Malware in sbrugna...
EUVD-2025-21775
Malicious code in bioql PyPI...
Fedora: Security Advisory (FEDORA-2025-90d5989bee)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Linux Distros Unpatched Vulnerability : CVE-2018-25052
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability has been found in Catalyst-Plugin-Session up to 0.40 and classified as problematic. This vulnerability affects the function loadsessionid of the...
Linux Distros Unpatched Vulnerability : CVE-2017-16248
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Catalyst-Plugin-Static-Simple module before 0.34 for Perl allows remote attackers to read arbitrary files if there is a '.' character anywhere in the...
Linux Distros Unpatched Vulnerability : CVE-2025-40924
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Catalyst::Plugin::Session before version 0.44 for Perl generates session ids insecurely. The session id is generated from a usually SHA-1 hash of a simple...
DEBIAN-CVE-2025-40924
Catalyst::Plugin::Session before version 0.44 for Perl generates session ids insecurely. The session id is generated from a usually SHA-1 hash of a simple counter, the epoch time, the built-in rand function, the PID and the current Catalyst context. This information is of low entropy. The PID wil...
CVE-2025-40924
Catalyst::Plugin::Session before version 0.44 for Perl generates session ids insecurely. The session id is generated from a usually SHA-1 hash of a simple counter, the epoch time, the built-in rand function, the PID and the current Catalyst context. This information is of low entropy. The PID wil...
UBUNTU-CVE-2025-40924
Catalyst::Plugin::Session before version 0.44 for Perl generates session ids insecurely. The session id is generated from a usually SHA-1 hash of a simple counter, the epoch time, the built-in rand function, the PID and the current Catalyst context. This information is of low entropy. The PID wil...
CVE-2025-40924
CVE-2025-40924 concerns Catalyst::Plugin::Session for Perl, where session IDs are generated from a low-entropy mix (typically a SHA-1 hash of a counter, epoch time, rand(), PID, and Catalyst context). Multiple sources (NVD entry and OSV-facing disclosures) confirm the underlying cause and the ris...
CVE-2025-40924 Catalyst::Plugin::Session before version 0.44 for Perl generates session ids insecurely
Catalyst::Plugin::Session before version 0.44 for Perl generates session ids insecurely. The session id is generated from a usually SHA-1 hash of a simple counter, the epoch time, the built-in rand function, the PID and the current Catalyst context. This information is of low entropy. The PID wil...
Catalyst-Plugin-Session 安全漏洞
Catalyst-Plugin-Session is a Catalyst open source application. A security vulnerability exists in Catalyst-Plugin-Session versions prior to 0.44 that stems from an insecure way of generating session IDs, which could lead to session hijacking...
CVE-2018-25052
A vulnerability has been found in Catalyst-Plugin-Session up to 0.40 and classified as problematic. This vulnerability affects the function loadsessionid of the file lib/Catalyst/Plugin/Session.pm of the component Session ID Handler. The manipulation of the argument sid leads to cross site...
PT-2025-29908 · Catalyst +1 · Catalyst-Plugin-Session +1
Name of the Vulnerable Software and Affected Versions: Catalyst::Plugin::Session versions prior to 0.44 Description: The session ID generation process uses low-entropy data, including a counter, epoch time, the rand function, the process ID PID, and the Catalyst context. The rand function is...
CVE-2018-25052
A vulnerability has been found in Catalyst-Plugin-Session up to 0.40 and classified as problematic. This vulnerability affects the function loadsessionid of the file lib/Catalyst/Plugin/Session.pm of the component Session ID Handler. The manipulation of the argument sid leads to cross site...
CVE-2018-25052
A vulnerability has been found in Catalyst-Plugin-Session up to 0.40 and classified as problematic. This vulnerability affects the function loadsessionid of the file lib/Catalyst/Plugin/Session.pm of the component Session ID Handler. The manipulation of the argument sid leads to cross site...
DEBIAN-CVE-2018-25052
A vulnerability has been found in Catalyst-Plugin-Session up to 0.40 and classified as problematic. This vulnerability affects the function loadsessionid of the file lib/Catalyst/Plugin/Session.pm of the component Session ID Handler. The manipulation of the argument sid leads to cross site...