CVE-2025-40915 Mojolicious::Plugin::CSRF 1.03 for Perl uses a weak random number source for generating CSRF tokens

Mojolicious::Plugin::CSRF 1.03 for Perl uses a weak random number source for generating CSRF tokens. That version of the module generates tokens as an MD5 of the process id, the current time, and a single call to the built-in rand function...

PT-2025-25230 · Unknown · Mojolicious::Plugin::Csrf

Name of the Vulnerable Software and Affected Versions: Mojolicious::Plugin::CSRF version 1.03 Description: The issue concerns a weak random number source used for generating CSRF tokens. Specifically, the tokens are generated as an MD5 of the process id, the current time, and a single call to the...