Lucene search
K

60 matches found

Vulnrichment
Vulnrichment
added 2026/05/10 8:3 p.m.8 views

CVE-2026-45180 Catalyst::Plugin::Statsd versions through 0.10.0 for Perl may leak session ids

Catalyst::Plugin::Statsd versions through 0.10.0 for Perl may leak session ids. If the communication channel to the statsd daemon is not secured for example, by sending UDP packets to a host on another network, then users' session ids may be leaked. This may allow an attacker to use session ids a...

5.8AI score0.00244EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/10 12:0 a.m.15 views

PT-2026-39537

Name of the Vulnerable Software and Affected Versions Catalyst::Plugin::Statsd versions prior to 0.10.0 Description Catalyst::Plugin::Statsd for Perl may leak session ids. This occurs if the communication channel to the statsd daemon is not secured, such as when sending UDP packets to a host on...

7.5CVSS5.8AI score0.00244EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/05/10 12:0 a.m.9 views

Catalyst::Plugin::Statsd 安全漏洞

Catalyst::Plugin::Statsd is a plugin module by Robert Rothenberg, an individual developer, for capturing application runtime metrics and sending them to a statistics system. A security vulnerability exists in Catalyst::Plugin::Statsd 0.10.0 and earlier versions, which stems from an unencrypted...

7.5CVSS5.8AI score0.00244EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2018-13819

Malware in sbrugna...

6.1CVSS4.5AI score0.00529EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-21775

Malicious code in bioql PyPI...

6.5CVSS6.3AI score0.00252EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2025/09/16 12:0 a.m.6 views

Fedora: Security Advisory (FEDORA-2025-90d5989bee)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.8AI score0.00252EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2018-25052

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability has been found in Catalyst-Plugin-Session up to 0.40 and classified as problematic. This vulnerability affects the function loadsessionid of the...

6.1CVSS3.2AI score0.00529EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/26 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2017-16248

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Catalyst-Plugin-Static-Simple module before 0.34 for Perl allows remote attackers to read arbitrary files if there is a '.' character anywhere in the...

7.5CVSS7.3AI score0.02434EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/15 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2025-40924

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Catalyst::Plugin::Session before version 0.44 for Perl generates session ids insecurely. The session id is generated from a usually SHA-1 hash of a simple...

6.5CVSS5.8AI score0.00252EPSS
Exploits0References3
OSV
OSV
added 2025/07/17 2:15 p.m.1 views

DEBIAN-CVE-2025-40924

Catalyst::Plugin::Session before version 0.44 for Perl generates session ids insecurely. The session id is generated from a usually SHA-1 hash of a simple counter, the epoch time, the built-in rand function, the PID and the current Catalyst context. This information is of low entropy. The PID wil...

6.5CVSS5.3AI score0.00252EPSS
Exploits0References1
NVD
NVD
added 2025/07/17 2:15 p.m.7 views

CVE-2025-40924

Catalyst::Plugin::Session before version 0.44 for Perl generates session ids insecurely. The session id is generated from a usually SHA-1 hash of a simple counter, the epoch time, the built-in rand function, the PID and the current Catalyst context. This information is of low entropy. The PID wil...

6.5CVSS0.00252EPSS
Exploits0References3
OSV
OSV
added 2025/07/17 2:15 p.m.3 views

UBUNTU-CVE-2025-40924

Catalyst::Plugin::Session before version 0.44 for Perl generates session ids insecurely. The session id is generated from a usually SHA-1 hash of a simple counter, the epoch time, the built-in rand function, the PID and the current Catalyst context. This information is of low entropy. The PID wil...

6.5CVSS5.8AI score0.00252EPSS
Exploits0References5
CVE
CVE
added 2025/07/17 1:33 p.m.30 views

CVE-2025-40924

CVE-2025-40924 concerns Catalyst::Plugin::Session for Perl, where session IDs are generated from a low-entropy mix (typically a SHA-1 hash of a counter, epoch time, rand(), PID, and Catalyst context). Multiple sources (NVD entry and OSV-facing disclosures) confirm the underlying cause and the ris...

6.5CVSS6.5AI score0.00252EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/07/17 1:33 p.m.2 views

CVE-2025-40924 Catalyst::Plugin::Session before version 0.44 for Perl generates session ids insecurely

Catalyst::Plugin::Session before version 0.44 for Perl generates session ids insecurely. The session id is generated from a usually SHA-1 hash of a simple counter, the epoch time, the built-in rand function, the PID and the current Catalyst context. This information is of low entropy. The PID wil...

7AI score0.00252EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/07/17 12:0 a.m.2 views

Catalyst-Plugin-Session 安全漏洞

Catalyst-Plugin-Session is a Catalyst open source application. A security vulnerability exists in Catalyst-Plugin-Session versions prior to 0.44 that stems from an insecure way of generating session IDs, which could lead to session hijacking...

6.5CVSS6.3AI score0.00252EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/05/22 1:29 p.m.7 views

CVE-2018-25052

A vulnerability has been found in Catalyst-Plugin-Session up to 0.40 and classified as problematic. This vulnerability affects the function loadsessionid of the file lib/Catalyst/Plugin/Session.pm of the component Session ID Handler. The manipulation of the argument sid leads to cross site...

6.1CVSS6.2AI score0.00529EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/01/01 12:0 a.m.4 views

PT-2025-29908 · Catalyst +1 · Catalyst-Plugin-Session +1

Name of the Vulnerable Software and Affected Versions: Catalyst::Plugin::Session versions prior to 0.44 Description: The session ID generation process uses low-entropy data, including a counter, epoch time, the rand function, the process ID PID, and the Catalyst context. The rand function is...

6.5CVSS6.5AI score0.00252EPSS
Exploits0References15
NVD
NVD
added 2022/12/28 12:15 p.m.14 views

CVE-2018-25052

A vulnerability has been found in Catalyst-Plugin-Session up to 0.40 and classified as problematic. This vulnerability affects the function loadsessionid of the file lib/Catalyst/Plugin/Session.pm of the component Session ID Handler. The manipulation of the argument sid leads to cross site...

6.1CVSS0.00529EPSS
Exploits0References4
OSV
OSV
added 2022/12/28 12:15 p.m.14 views

CVE-2018-25052

A vulnerability has been found in Catalyst-Plugin-Session up to 0.40 and classified as problematic. This vulnerability affects the function loadsessionid of the file lib/Catalyst/Plugin/Session.pm of the component Session ID Handler. The manipulation of the argument sid leads to cross site...

6.1CVSS6.1AI score
Exploits0References4
OSV
OSV
added 2022/12/28 12:15 p.m.2 views

DEBIAN-CVE-2018-25052

A vulnerability has been found in Catalyst-Plugin-Session up to 0.40 and classified as problematic. This vulnerability affects the function loadsessionid of the file lib/Catalyst/Plugin/Session.pm of the component Session ID Handler. The manipulation of the argument sid leads to cross site...

6.1CVSS3.2AI score0.00529EPSS
Exploits0References1
Rows per page
Query Builder