Lucene search
+L

6 matches found

OpenVAS
OpenVAS
added 2025/05/26 12:0 a.m.5 views

Fedora: Security Advisory (FEDORA-2025-c38fd06bec)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS7.1AI score0.00459EPSS
Exploits1References4
NVD
NVD
added 2025/05/03 4:15 p.m.14 views

CVE-2024-58134

Mojolicious versions from 0.999922 for Perl uses a hard coded string, or the application's class name, as an HMAC session cookie secret by default. These predictable default secrets can be exploited by an attacker to forge session cookies. An attacker who knows or guesses the secret could compute...

8.1CVSS0.00459EPSS
Exploits1References11
OSV
OSV
added 2025/05/03 4:15 p.m.7 views

AZL-61825 CVE-2024-58134 affecting package perl-Mojolicious 8.57-3

Mojolicious versions from 0.999922 for Perl uses a hard coded string, or the application's class name, as an HMAC session cookie secret by default. These predictable default secrets can be exploited by an attacker to forge session cookies. An attacker who knows or guesses the secret could compute...

8.1CVSS6.6AI score0.00459EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/05/03 4:8 p.m.19 views

CVE-2024-58134 Mojolicious versions from 0.999922 for Perl uses a hard coded string, or the application's class name, as an HMAC session cookie secret by default

Mojolicious versions from 0.999922 for Perl uses a hard coded string, or the application's class name, as an HMAC session cookie secret by default. These predictable default secrets can be exploited by an attacker to forge session cookies. An attacker who knows or guesses the secret could compute...

0.00459EPSS
Exploits1References11
CVE
CVE
added 2025/05/03 4:8 p.m.89 views

CVE-2024-58134

CVE-2024-58134 (Mojolicious on Perl): Affected versions are Mojolicious 0.999922 and later up to 9.39, where the HMAC session cookie secret is derived from a hard-coded string or the app class name by default. This predictable secret enables an attacker who learns or guesses the secret to forge v...

8.1CVSS6.2AI score0.00459EPSS
Exploits1References11Affected Software1
OSV
OSV
added 2025/05/03 4:8 p.m.9 views

CVE-2024-58134 Mojolicious versions from 0.999922 for Perl uses a hard coded string, or the application's class name, as an HMAC session cookie secret by default

Mojolicious versions from 0.999922 for Perl uses a hard coded string, or the application's class name, as an HMAC session cookie secret by default. These predictable default secrets can be exploited by an attacker to forge session cookies. An attacker who knows or guesses the secret could compute...

8.1CVSS6.6AI score0.00459EPSS
Exploits1References15
Rows per page
Query Builder