5 matches found
EUVD-2025-13360
Malicious code in bioql PyPI...
Fedora 41 : perl-Mojolicious (2025-c38fd06bec)
The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-c38fd06bec advisory. Mojolicious versions from 0.999922 through 9.39 for Perl uses a hard coded string, or the application's class name, as a HMAC session secret by...
CVE-2024-58134 Mojolicious versions from 0.999922 for Perl uses a hard coded string, or the application's class name, as an HMAC session cookie secret by default
Mojolicious versions from 0.999922 for Perl uses a hard coded string, or the application's class name, as an HMAC session cookie secret by default. These predictable default secrets can be exploited by an attacker to forge session cookies. An attacker who knows or guesses the secret could compute...
CVE-2024-58134
CVE-2024-58134 (Mojolicious on Perl): Affected versions are Mojolicious 0.999922 and later up to 9.39, where the HMAC session cookie secret is derived from a hard-coded string or the app class name by default. This predictable secret enables an attacker who learns or guesses the secret to forge v...
PT-2025-18947 · Unknown +1 · Mojolicious +1
Name of the Vulnerable Software and Affected Versions: Mojolicious versions 0.999922 through 9.39 Description: The issue concerns the use of a hard-coded string or the application's class name as a HMAC session secret by default in Mojolicious for Perl. This predictable default secret can be...