Lucene search
K

109 matches found

CVE
CVE
added 2026/03/26 2:4 a.m.27 views

CVE-2014-125112

CVE-2014-125112 affects Plack::Middleware::Session::Cookie for Perl, with versions through 0.21 vulnerable. The issue allows an attacker to execute arbitrary code on the server during deserialization of cookie data when there is no secret used to sign the cookie. This results in remote code execu...

9.8CVSS6.4AI score0.0083EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/26 2:4 a.m.1 views

CVE-2014-125112 Plack::Middleware::Session::Cookie versions through 0.21 for Perl allows remote code execution

Plack::Middleware::Session::Cookie versions through 0.21 for Perl allows remote code execution. Plack::Middleware::Session::Cookie versions through 0.21 has a security vulnerability where it allows an attacker to execute arbitrary code on the server during deserialization of the cookie data, when...

6.4AI score0.0083EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/03/05 2:3 p.m.5 views

SUSE CVE-2025-40926

Plack::Middleware::Session::Simple versions before 0.05 for Perl generates session ids insecurely. The default session id generator returns a SHA-1 hash seeded with the built-in rand function, the epoch time, and the PID. The PID will come from a small set of numbers, and the epoch time may be...

9.8CVSS5.7AI score0.00433EPSS
Exploits0References3
EUVD
EUVD
added 2026/03/05 3:31 a.m.7 views

EUVD-2025-208296

Plack::Middleware::Session::Simple versions through 0.04 for Perl generates session ids insecurely. The default session id generator returns a SHA-1 hash seeded with the built-in rand function, the epoch time, and the PID. The PID will come from a small set of numbers, and the epoch time may be...

9.8CVSS5.9AI score0.00433EPSS
Exploits0References6
NVD
NVD
added 2026/03/05 2:16 a.m.5 views

CVE-2025-40926

Plack::Middleware::Session::Simple versions before 0.05 for Perl generates session ids insecurely. The default session id generator returns a SHA-1 hash seeded with the built-in rand function, the epoch time, and the PID. The PID will come from a small set of numbers, and the epoch time may be...

9.8CVSS0.00433EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/03/05 1:24 a.m.26 views

CVE-2025-40926 Plack::Middleware::Session::Simple versions before 0.05 for Perl generates session ids insecurely

Plack::Middleware::Session::Simple versions before 0.05 for Perl generates session ids insecurely. The default session id generator returns a SHA-1 hash seeded with the built-in rand function, the epoch time, and the PID. The PID will come from a small set of numbers, and the epoch time may be...

0.00433EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/03/05 1:24 a.m.5 views

CVE-2025-40926

Plack::Middleware::Session::Simple versions before 0.05 for Perl generates session ids insecurely. The default session id generator returns a SHA-1 hash seeded with the built-in rand function, the epoch time, and the PID. The PID will come from a small set of numbers, and the epoch time may be...

9.8CVSS5.7AI score0.00433EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2026/03/05 1:24 a.m.4 views

CVE-2025-40926 Plack::Middleware::Session::Simple versions before 0.05 for Perl generates session ids insecurely

Plack::Middleware::Session::Simple versions before 0.05 for Perl generates session ids insecurely. The default session id generator returns a SHA-1 hash seeded with the built-in rand function, the epoch time, and the PID. The PID will come from a small set of numbers, and the epoch time may be...

5.7AI score0.00433EPSS
Exploits0References6
CVE
CVE
added 2026/03/05 1:24 a.m.10 views

CVE-2025-40926

Summary of vulnerability (CVE-2025-40926) : Plack::Middleware::Session::Simple for Perl versions before 0.05 generates session IDs insecurely. The default generator uses a SHA-1 hash seeded with the built-in rand() function, the epoch time, and the process ID (PID). The PID comes from a small set...

9.8CVSS5.7AI score0.00433EPSS
Exploits0References6Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/05 12:0 a.m.5 views

PT-2026-23117

Name of the Vulnerable Software and Affected Versions Plack::Middleware::Session::Simple versions through 0.04 Description The software generates session IDs insecurely. The default session ID generator uses a SHA-1 hash seeded with the built-in rand function, the epoch time, and the process ID...

9.8CVSS5.8AI score0.00433EPSS
Exploits0References11
CNNVD
CNNVD
added 2026/03/05 12:0 a.m.7 views

Plack::Middleware::Session::Simple 安全漏洞

Plack::Middleware::Session::Simple is a lightweight session management middleware developed by Masahiro Nagano. Versions of Plack::Middleware::Session::Simple prior to 0.04 contained security vulnerabilities, which stemmed from the use of insecure random number generators for generating session...

9.8CVSS5.8AI score0.00433EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/12/17 9:27 a.m.4 views

CVE-2013-10031

Plack-Middleware-Session versions before 0.17 may be vulnerable to HMAC comparison timing attacks Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability ...

7.5CVSS6.4AI score0.00245EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/12/11 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2013-10031

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Plack-Middleware-Session versions before 0.17 may be vulnerable to HMAC comparison timing attacks CVE-2013-10031 Note that Nessus relies on the presence of the...

7.5CVSS5.5AI score0.00245EPSS
Exploits0References2
EUVD
EUVD
added 2025/12/09 3:31 a.m.4 views

EUVD-2013-7289

Plack-Middleware-Session versions before 0.17 may be vulnerable to HMAC comparison timing attacks...

6.3AI score0.00245EPSS
Exploits0References2
NVD
NVD
added 2025/12/09 1:16 a.m.4 views

CVE-2013-10031

Plack-Middleware-Session versions before 0.17 may be vulnerable to HMAC comparison timing attacks...

7.5CVSS0.00245EPSS
Exploits0References1
OSV
OSV
added 2025/12/09 1:16 a.m.4 views

DEBIAN-CVE-2013-10031

Plack-Middleware-Session versions before 0.17 may be vulnerable to HMAC comparison timing attacks...

7.5CVSS5.2AI score0.00245EPSS
Exploits0References1
OSV
OSV
added 2025/12/09 1:16 a.m.4 views

UBUNTU-CVE-2013-10031

Plack-Middleware-Session versions before 0.17 may be vulnerable to HMAC comparison timing attacks...

7.5CVSS5.7AI score0.00245EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2025/12/09 12:12 a.m.4 views

CVE-2013-10031

Plack-Middleware-Session versions before 0.17 may be vulnerable to HMAC comparison timing attacks...

7.5CVSS5.2AI score0.00245EPSS
Exploits0
CVE
CVE
added 2025/12/09 12:12 a.m.14 views

CVE-2013-10031

Plack-Middleware-Session (Perl) versions before 0.17 are vulnerable to HMAC comparison timing attacks. Affected component: Plack::Middleware::Session; root cause is a timing-attack vulnerability in HMAC comparison. Impact is described as a potential exposure via timing differences, with no explic...

7.5CVSS6.5AI score0.00245EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/12/09 12:12 a.m.4 views

CVE-2013-10031 Plack::Middleware::Session versions before 0.17 for Perl may be vulnerable to HMAC comparison timing attacks

Plack-Middleware-Session versions before 0.17 may be vulnerable to HMAC comparison timing attacks...

6.5AI score0.00245EPSS
Exploits0References1
Rows per page
Query Builder