40 matches found
Unity Linux 20.1050e / 20.1070e Security Update: perl-Mojolicious (UTSA-2026-016607)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016607 advisory. The Mojolicious module before 8.65 for Perl is vulnerable to securecompare timing attacks that allow an attacker to guess the length of a secret string. Only version...
Unity Linux 20.1050e / 20.1070e Security Update: perl-Mojolicious (UTSA-2026-016595)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016595 advisory. The Mojolicious module before 9.11 for Perl has a bug in format detection that can potentially be exploited for denial of service. Tenable has extracted the precedin...
Important: perl-Mojolicious
Issue Overview: Mojolicious versions from 0.999922 through 9.39 for Perl uses a hard coded string, or the application's class name, as a HMAC session secret by default. These predictable default secrets can be exploited to forge session cookies. An attacker who knows or guesses the secret could...
Fedora: Security Advisory (FEDORA-2025-c38fd06bec)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 41 Update: perl-Mojolicious-9.39-1.fc41
Back in the early days of the web there was this wonderful Perl library called CGI, many people only learned Perl because of it. It was simple enough to get started without knowing much about the language and powerful enough to keep you going, learning by doing was much fun. While most of the...
AZL-61825 CVE-2024-58134 affecting package perl-Mojolicious 8.57-3
Mojolicious versions from 0.999922 for Perl uses a hard coded string, or the application's class name, as an HMAC session cookie secret by default. These predictable default secrets can be exploited by an attacker to forge session cookies. An attacker who knows or guesses the secret could compute...
AZL-61741 CVE-2024-58135 affecting package perl-Mojolicious 8.57-3
Mojolicious versions from 7.28 for Perl will generate weak HMAC session cookie secrets via "mojo generate app" by default When creating a default app skeleton with the "mojo generate app" tool, a weak secret is written to the application's configuration file using the insecure rand function, and...
AZL-43936 CVE-2020-36829 affecting package perl-Mojolicious 8.57-3
The Mojolicious module before 8.65 for Perl is vulnerable to securecompare timing attacks that allow an attacker to guess the length of a secret string. Only versions after 1.74 are affected...
Mageia: Security Advisory (MGASA-2021-0383)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2014-0488)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
MGASA-2021-0383 Updated perl-Mojolicious package fixes security vulnerability
This update backports some significant security fixes relating to session security from the upstream 9.19 release. See upstream references for more informations...
Fedora: Security Advisory for perl-Mojolicious (FEDORA-2021-eee91f69df)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory for perl-Mojolicious (FEDORA-2021-5bbf51d86d)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 34 Update: perl-Mojolicious-8.73-2.fc34
Back in the early days of the web there was this wonderful Perl library called CGI, many people only learned Perl because of it. It was simple enough to get started without knowing much about the language and powerful enough to keep you going, learning by doing was much fun. While most of the...
Fedora: Security Advisory for perl-Mojolicious (FEDORA-2020-aceb5a1d0a)
The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory for perl-Mojolicious (FEDORA-2020-cc7deffbf1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory for perl-Mojolicious (FEDORA-2020-8d3b359179)
The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 32 Update: perl-Mojolicious-8.42-1.fc32
Back in the early days of the web there was this wonderful Perl library called CGI, many people only learned Perl because of it. It was simple enough to get started without knowing much about the language and powerful enough to keep you going, learning by doing was much fun. While most of the...
Fedora 30 : perl-Mojolicious (2020-8d3b359179)
This package fixes a security issue that allowed for method query parameters to be used with GET requests. The fix is backported from Mojolicious v8.42. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has...
Fedora 31 : perl-Mojolicious (2020-aceb5a1d0a)
This package fixes a security issue that allowed for method query parameters to be used with GET requests. The fix is backported from Mojolicious v8.42. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has...