Lucene search
K

40 matches found

Tenable Nessus
Tenable Nessus
added 2026/05/22 12:0 a.m.9 views

Unity Linux 20.1050e / 20.1070e Security Update: perl-Mojolicious (UTSA-2026-016607)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016607 advisory. The Mojolicious module before 8.65 for Perl is vulnerable to securecompare timing attacks that allow an attacker to guess the length of a secret string. Only version...

7.5CVSS7.1AI score0.00507EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/05/22 12:0 a.m.10 views

Unity Linux 20.1050e / 20.1070e Security Update: perl-Mojolicious (UTSA-2026-016595)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016595 advisory. The Mojolicious module before 9.11 for Perl has a bug in format detection that can potentially be exploited for denial of service. Tenable has extracted the precedin...

4.3CVSS5.8AI score0.00549EPSS
Exploits1References4
Amazon
Amazon
added 2025/06/02 12:0 a.m.5 views

Important: perl-Mojolicious

Issue Overview: Mojolicious versions from 0.999922 through 9.39 for Perl uses a hard coded string, or the application's class name, as a HMAC session secret by default. These predictable default secrets can be exploited to forge session cookies. An attacker who knows or guesses the secret could...

8.1CVSS6.7AI score0.00473EPSS
Exploits2
OpenVAS
OpenVAS
added 2025/05/26 12:0 a.m.5 views

Fedora: Security Advisory (FEDORA-2025-c38fd06bec)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS7.1AI score0.00459EPSS
Exploits1References4
Fedora
Fedora
added 2025/05/21 2:6 a.m.9 views

[SECURITY] Fedora 41 Update: perl-Mojolicious-9.39-1.fc41

Back in the early days of the web there was this wonderful Perl library called CGI, many people only learned Perl because of it. It was simple enough to get started without knowing much about the language and powerful enough to keep you going, learning by doing was much fun. While most of the...

8.1CVSS6.8AI score0.00459EPSS
Exploits1
OSV
OSV
added 2025/05/03 4:15 p.m.4 views

AZL-61825 CVE-2024-58134 affecting package perl-Mojolicious 8.57-3

Mojolicious versions from 0.999922 for Perl uses a hard coded string, or the application's class name, as an HMAC session cookie secret by default. These predictable default secrets can be exploited by an attacker to forge session cookies. An attacker who knows or guesses the secret could compute...

8.1CVSS6.6AI score0.00459EPSS
Exploits1References1
OSV
OSV
added 2025/05/03 11:15 a.m.8 views

AZL-61741 CVE-2024-58135 affecting package perl-Mojolicious 8.57-3

Mojolicious versions from 7.28 for Perl will generate weak HMAC session cookie secrets via "mojo generate app" by default When creating a default app skeleton with the "mojo generate app" tool, a weak secret is written to the application's configuration file using the insecure rand function, and...

5.3CVSS5.8AI score0.00473EPSS
Exploits1References1
OSV
OSV
added 2024/04/08 12:15 a.m.9 views

AZL-43936 CVE-2020-36829 affecting package perl-Mojolicious 8.57-3

The Mojolicious module before 8.65 for Perl is vulnerable to securecompare timing attacks that allow an attacker to guess the length of a secret string. Only versions after 1.74 are affected...

7.5CVSS5.8AI score0.00507EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.7 views

Mageia: Security Advisory (MGASA-2021-0383)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References6
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.11 views

Mageia: Security Advisory (MGASA-2014-0488)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References5
OSV
OSV
added 2021/07/27 8:21 p.m.5 views

MGASA-2021-0383 Updated perl-Mojolicious package fixes security vulnerability

This update backports some significant security fixes relating to session security from the upstream 9.19 release. See upstream references for more informations...

7.2AI score
Exploits0References5
OpenVAS
OpenVAS
added 2021/07/11 12:0 a.m.9 views

Fedora: Security Advisory for perl-Mojolicious (FEDORA-2021-eee91f69df)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References2
OpenVAS
OpenVAS
added 2021/07/11 12:0 a.m.11 views

Fedora: Security Advisory for perl-Mojolicious (FEDORA-2021-5bbf51d86d)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References2
Fedora
Fedora
added 2021/07/09 1:3 a.m.31 views

[SECURITY] Fedora 34 Update: perl-Mojolicious-8.73-2.fc34

Back in the early days of the web there was this wonderful Perl library called CGI, many people only learned Perl because of it. It was simple enough to get started without knowing much about the language and powerful enough to keep you going, learning by doing was much fun. While most of the...

1.1AI score
Exploits0
OpenVAS
OpenVAS
added 2020/05/29 12:0 a.m.10 views

Fedora: Security Advisory for perl-Mojolicious (FEDORA-2020-aceb5a1d0a)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References2
OpenVAS
OpenVAS
added 2020/05/29 12:0 a.m.12 views

Fedora: Security Advisory for perl-Mojolicious (FEDORA-2020-cc7deffbf1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References2
OpenVAS
OpenVAS
added 2020/05/29 12:0 a.m.9 views

Fedora: Security Advisory for perl-Mojolicious (FEDORA-2020-8d3b359179)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References2
Fedora
Fedora
added 2020/05/19 2:53 a.m.18 views

[SECURITY] Fedora 32 Update: perl-Mojolicious-8.42-1.fc32

Back in the early days of the web there was this wonderful Perl library called CGI, many people only learned Perl because of it. It was simple enough to get started without knowing much about the language and powerful enough to keep you going, learning by doing was much fun. While most of the...

1.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2020/05/19 12:0 a.m.27 views

Fedora 30 : perl-Mojolicious (2020-8d3b359179)

This package fixes a security issue that allowed for method query parameters to be used with GET requests. The fix is backported from Mojolicious v8.42. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has...

5.4AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2020/05/19 12:0 a.m.15 views

Fedora 31 : perl-Mojolicious (2020-aceb5a1d0a)

This package fixes a security issue that allowed for method query parameters to be used with GET requests. The fix is backported from Mojolicious v8.42. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has...

5.4AI score
Exploits0References1
Rows per page
Query Builder