PT-2026-47726

Catalyst::Plugin::Authentication versions before 0.10 027 for Perl is susceptible to session fixation attacks. Catalyst::Plugin::Authentication does not automatically change the session id after authentication. An attacker that obtains a session id cookie can use this to impersonate the victim...

UBUNTU-CVE-2009-10007

Catalyst::Plugin::Authentication versions before 0.10027 for Perl is susceptible to session fixation attacks. Catalyst::Plugin::Authentication does not automatically change the session id after authentication. An attacker that obtains a session id cookie can use this to impersonate the victim...

[SECURITY] Fedora 43 Update: perl-Catalyst-Plugin-Authentication-0.10026-1.fc43

The authentication plugin provides generic user support for Catalyst apps. It is the basis for both authentication checking the user is who they claim to be, and authorization allowing the user to do what the system authorizes them to do...

[SECURITY] Fedora 44 Update: perl-Catalyst-Plugin-Authentication-0.10026-1.fc44

The authentication plugin provides generic user support for Catalyst apps. It is the basis for both authentication checking the user is who they claim to be, and authorization allowing the user to do what the system authorizes them to do...

Fedora 44 : perl-Catalyst-Plugin-Authentication (2026-26666575ae)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-26666575ae advisory. Catalyst::Plugin::Authentication versions through 0.10024 for Perl is susceptible to timing attacks since these versions use Perl's built-in eq comparison...

Fedora: Security Advisory (FEDORA-2025-6df5ab0b98)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 43 : perl-Catalyst-Authentication-Credential-HTTP (2025-6df5ab0b98)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-6df5ab0b98 advisory. This update upgrade the package to version 1.019. This version fixes CVE-2025-40920 by using Crypt::SysRandom to generate nonces instead of Data::UUID. Tenab...

[SECURITY] Fedora 42 Update: perl-Catalyst-Authentication-Credential-HTTP-1.019-1.fc42

This module lets you use HTTP authentication with Catalyst::Plugin::Authentication. Both basic and digest authentication are currently supported...

Fedora: Security Advisory (FEDORA-2025-90d5989bee)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory (FEDORA-2025-d72429a1f8)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2025-40920 Catalyst::Authentication::Credential::HTTP versions 1.018 and earlier for Perl use insecurely generated nonces

Catalyst::Authentication::Credential::HTTP versions 1.018 and earlier for Perl generate nonces using the Perl Data::UUID library. Data::UUID does not use a strong cryptographic source for generating UUIDs. Data::UUID returns v3 UUIDs, which are generated from known information and are unsuitable...

CVE-2025-40920

Catalyst::Authentication::Credential::HTTP versions 1.018 and earlier for Perl generate nonces using the Perl Data::UUID library. Data::UUID does not use a strong cryptographic source for generating UUIDs. Data::UUID returns v3 UUIDs, which are generated from known information and are unsuitable...

Mageia: Security Advisory (MGASA-2017-0439)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora Update for perl-Catalyst-Plugin-Static-Simple FEDORA-2017-184d078d87

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora Update for perl-Catalyst-Plugin-Static-Simple FEDORA-2017-5cb8354008

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 25 : perl-Catalyst-Plugin-Static-Simple (2017-184d078d87)

Security fix for CVE-2017-16248. Catalyst::Plugin::Static::Simple has been changed to not serve static files with dots in the names i.e. .svn, .git, ... Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has...

Fedora 26 : perl-Catalyst-Plugin-Static-Simple (2017-5cb8354008)

Security fix for CVE-2017-16248. Catalyst::Plugin::Static::Simple has been changed to not serve static files with dots in the names i.e. .svn, .git, ... Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has...