Search criteria
46 vulnerabilities
CVE-2025-40934 (GCVE-0-2025-40934)
Vulnerability from cvelistv5 – Published: 2025-11-26 22:34 – Updated: 2025-11-28 18:54
VLAI?
Summary
XML-Sig versions 0.27 through 0.67 for Perl incorrectly validates XML files if signatures are omitted.
An attacker can remove the signature from the XML document to make it pass the verification check.
XML-Sig is a Perl module to validate signatures on XML files. An unsigned XML file should return an error message. The affected versions return true when attempting to validate an XML file that contains no signatures.
Severity ?
9.3 (Critical)
CWE
- CWE-347 - Improper Verification of Cryptographic Signature
Assigner
References
| URL | Tags | |
|---|---|---|
Credits
gttds
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-40934",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-28T18:50:44.544431Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-28T18:54:00.742Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://cpan.org/modules",
"defaultStatus": "unaffected",
"packageName": "XML-Sig",
"product": "XML::Sig",
"programFiles": [
"lib/XML/Sig.pm"
],
"programRoutines": [
{
"name": "verify()"
}
],
"repo": "https://github.com/perl-net-saml2/perl-XML-Sig",
"vendor": "TIMLEGGE",
"versions": [
{
"lessThan": "0.68",
"status": "affected",
"version": "0.27",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "gttds"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "XML-Sig versions 0.27 through 0.67 for Perl incorrectly validates XML files if signatures are omitted.\u003cbr\u003e\u003cbr\u003eAn attacker can remove the signature from the XML document to make it pass the verification check.\u003cbr\u003e\u003cbr\u003eXML-Sig is a Perl module to validate signatures on XML files.\u0026nbsp; An unsigned XML file should return an error message.\u0026nbsp; The affected versions return true when attempting to validate an XML file that contains no signatures.\u003cbr\u003e\u003cbr\u003e\u003cbr\u003e"
}
],
"value": "XML-Sig versions 0.27 through 0.67 for Perl incorrectly validates XML files if signatures are omitted.\n\nAn attacker can remove the signature from the XML document to make it pass the verification check.\n\nXML-Sig is a Perl module to validate signatures on XML files.\u00a0 An unsigned XML file should return an error message.\u00a0 The affected versions return true when attempting to validate an XML file that contains no signatures."
}
],
"impacts": [
{
"capecId": "CAPEC-115",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-115 Authentication Bypass"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-347",
"description": "CWE-347 Improper Verification of Cryptographic Signature",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-26T22:34:33.569Z",
"orgId": "9b29abf9-4ab0-4765-b253-1875cd9b441e",
"shortName": "CPANSec"
},
"references": [
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/perl-net-saml2/perl-XML-Sig/issues/63"
},
{
"tags": [
"patch"
],
"url": "https://github.com/perl-net-saml2/perl-XML-Sig/pull/64"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Upgrade to version 0.68"
}
],
"value": "Upgrade to version 0.68"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "XML-Sig prior to 0.68 for Perl improperly validates XML without signatures",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9b29abf9-4ab0-4765-b253-1875cd9b441e",
"assignerShortName": "CPANSec",
"cveId": "CVE-2025-40934",
"datePublished": "2025-11-26T22:34:33.569Z",
"dateReserved": "2025-04-16T09:05:34.363Z",
"dateUpdated": "2025-11-28T18:54:00.742Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-11683 (GCVE-0-2025-11683)
Vulnerability from cvelistv5 – Published: 2025-10-16 00:14 – Updated: 2025-10-16 13:42
VLAI?
Summary
YAML::Syck versions before 1.36 for Perl has missing null-terminators which causes out-of-bounds read and potential information disclosure
Missing null terminators in token.c leads to but-of-bounds read which allows adjacent variable to be read
The issue is seen with complex YAML files with a hash of all keys and empty values. There is no indication that the issue leads to accessing memory outside that allocated to the module.
Severity ?
6.5 (Medium)
CWE
- CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| TODDR | YAML::Syck |
Affected:
0 , < 1.36
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-11683",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-16T13:41:01.868545Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-16T13:42:17.584Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://cpan.org/modules",
"defaultStatus": "unaffected",
"packageName": "YAML-Syck",
"product": "YAML::Syck",
"programFiles": [
"token.c"
],
"repo": "https://github.com/cpan-authors/YAML-Syck",
"vendor": "TODDR",
"versions": [
{
"lessThan": "1.36",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "YAML::Syck versions before 1.36 for Perl has missing null-terminators which causes out-of-bounds read and potential information disclosure\u003cbr\u003e\u003cbr\u003eMissing null terminators in token.c leads to but-of-bounds read which allows adjacent variable to be read\u003cbr\u003e\u003cbr\u003eThe issue is seen with complex YAML files with a hash of all keys and empty values.\u0026nbsp; There is no indication that the issue leads to accessing memory outside that allocated to the module.\u003cbr\u003e"
}
],
"value": "YAML::Syck versions before 1.36 for Perl has missing null-terminators which causes out-of-bounds read and potential information disclosure\n\nMissing null terminators in token.c leads to but-of-bounds read which allows adjacent variable to be read\n\nThe issue is seen with complex YAML files with a hash of all keys and empty values.\u00a0 There is no indication that the issue leads to accessing memory outside that allocated to the module."
}
],
"impacts": [
{
"capecId": "CAPEC-540",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-540 Overread Buffers"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-16T00:14:41.769Z",
"orgId": "9b29abf9-4ab0-4765-b253-1875cd9b441e",
"shortName": "CPANSec"
},
"references": [
{
"tags": [
"patch"
],
"url": "https://github.com/cpan-authors/YAML-Syck/pull/65"
},
{
"tags": [
"release-notes"
],
"url": "https://metacpan.org/dist/YAML-Syck/changes"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Upgrade to version 1.36 or higher"
}
],
"value": "Upgrade to version 1.36 or higher"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "YAML::Syck versions before 1.36 for Perl has missing Null-Terminators which causes Out-of-Bounds Read and potential Information Disclosure",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Apply the patch"
}
],
"value": "Apply the patch"
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9b29abf9-4ab0-4765-b253-1875cd9b441e",
"assignerShortName": "CPANSec",
"cveId": "CVE-2025-11683",
"datePublished": "2025-10-16T00:14:41.769Z",
"dateReserved": "2025-10-13T12:35:07.822Z",
"dateUpdated": "2025-10-16T13:42:17.584Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-58040 (GCVE-0-2024-58040)
Vulnerability from cvelistv5 – Published: 2025-09-29 23:54 – Updated: 2025-09-30 13:37
VLAI?
Summary
Crypt::RandomEncryption for Perl version 0.01 uses insecure rand() function during encryption.
Severity ?
9.1 (Critical)
CWE
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| QWER | Crypt::RandomEncryption |
Affected:
0.01 , ≤ *
(custom)
|
Credits
Robert Rothenberg
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-58040",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-30T13:36:59.598797Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-30T13:37:53.749Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://cpan.org/modules",
"defaultStatus": "unaffected",
"packageName": "Crypt-RandomEncryption",
"product": "Crypt::RandomEncryption",
"programFiles": [
"lib/Crypt/RandomEncryption.pm"
],
"programRoutines": [
{
"name": "_random()"
}
],
"vendor": "QWER",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0.01",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Robert Rothenberg"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Crypt::RandomEncryption for Perl version 0.01 uses insecure rand() function during encryption.\u003cbr\u003e"
}
],
"value": "Crypt::RandomEncryption for Perl version 0.01 uses insecure rand() function during encryption."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-338",
"description": "CWE-338 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-331",
"description": "CWE-331 Insufficient Entropy",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-29T23:54:22.953Z",
"orgId": "9b29abf9-4ab0-4765-b253-1875cd9b441e",
"shortName": "CPANSec"
},
"references": [
{
"url": "https://metacpan.org/release/QWER/Crypt-RandomEncryption-0.01/source/lib/Crypt/RandomEncryption.pm#L33"
},
{
"tags": [
"related"
],
"url": "https://security.metacpan.org/docs/guides/random-data-for-security.html"
},
{
"tags": [
"related"
],
"url": "https://perldoc.perl.org/functions/rand"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Crypt::RandomEncryption for Perl uses insecure rand() function during encryption",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9b29abf9-4ab0-4765-b253-1875cd9b441e",
"assignerShortName": "CPANSec",
"cveId": "CVE-2024-58040",
"datePublished": "2025-09-29T23:54:22.953Z",
"dateReserved": "2025-03-26T14:00:56.315Z",
"dateUpdated": "2025-09-30T13:37:53.749Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-40925 (GCVE-0-2025-40925)
Vulnerability from cvelistv5 – Published: 2025-09-20 12:31 – Updated: 2025-09-22 17:27
VLAI?
Summary
Starch versions 0.14 and earlier generate session ids insecurely.
The default session id generator returns a SHA-1 hash seeded with a counter, the epoch time, the built-in rand function, the PID, and internal Perl reference addresses. The PID will come from a small set of numbers, and the epoch time may be guessed, if it is not leaked from the HTTP Date header. The built-in rand function is unsuitable for cryptographic usage.
Predicable session ids could allow an attacker to gain access to systems.
Severity ?
9.1 (Critical)
CWE
Assigner
References
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-40925",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-22T16:57:53.410409Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-22T17:27:16.336Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://cpan.org/modules",
"defaultStatus": "unaffected",
"packageName": "Starch",
"product": "Starch",
"programFiles": [
"lib/Starch/Manager.pm"
],
"repo": "https://github.com/bluefeet/Starch",
"vendor": "BLUEFEET",
"versions": [
{
"lessThanOrEqual": "0.14",
"status": "affected",
"version": "0.01",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003eStarch versions 0.14 and earlier generate session ids insecurely.\u003c/div\u003e\u003cdiv\u003eThe default session id generator returns a SHA-1 hash seeded with a counter, the epoch time,\u0026nbsp;the built-in rand function, the PID, and internal Perl reference addresses. The PID will come from a small set of numbers, and the epoch time may be guessed, if it is not leaked from the HTTP Date header. The built-in rand function is unsuitable for cryptographic usage.\u003c/div\u003e\u003cdiv\u003ePredicable session ids could allow an attacker to gain access to systems.\u003c/div\u003e"
}
],
"value": "Starch versions 0.14 and earlier generate session ids insecurely.\n\nThe default session id generator returns a SHA-1 hash seeded with a counter, the epoch time, the built-in rand function, the PID, and internal Perl reference addresses. The PID will come from a small set of numbers, and the epoch time may be guessed, if it is not leaked from the HTTP Date header. The built-in rand function is unsuitable for cryptographic usage.\n\nPredicable session ids could allow an attacker to gain access to systems."
}
],
"impacts": [
{
"capecId": "CAPEC-115",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-115 Authentication Bypass"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-340",
"description": "CWE-340 Generation of Predictable Numbers or Identifiers",
"lang": "en",
"type": "CWE"
},
{
"cweId": "CWE-338",
"description": "CWE-338 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-20T12:31:34.353Z",
"orgId": "9b29abf9-4ab0-4765-b253-1875cd9b441e",
"shortName": "CPANSec"
},
"references": [
{
"url": "https://github.com/bluefeet/Starch/pull/5"
},
{
"tags": [
"patch"
],
"url": "https://github.com/bluefeet/Starch/commit/5573449e64e0660f7ee209d1eab5881d4ccbee3b.patch"
},
{
"url": "https://metacpan.org/dist/Starch/source/lib/Starch/Manager.pm"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Starch versions 0.14 and earlier generate session ids insecurely",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9b29abf9-4ab0-4765-b253-1875cd9b441e",
"assignerShortName": "CPANSec",
"cveId": "CVE-2025-40925",
"datePublished": "2025-09-20T12:31:34.353Z",
"dateReserved": "2025-04-16T09:05:34.362Z",
"dateUpdated": "2025-09-22T17:27:16.336Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-40933 (GCVE-0-2025-40933)
Vulnerability from cvelistv5 – Published: 2025-09-17 14:25 – Updated: 2025-09-17 17:21
VLAI?
Summary
Apache::AuthAny::Cookie v0.201 or earlier for Perl generates session ids insecurely.
Session ids are generated using an MD5 hash of the epoch time and a call to the built-in rand function. The epoch time may be guessed, if it is not leaked from the HTTP Date header. The built-in rand function is unsuitable for cryptographic usage.
Predicable session ids could allow an attacker to gain access to systems.
Severity ?
7.5 (High)
CWE
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| KGOLDOV | Apache::AuthAny |
Affected:
0.19 , ≤ 0.201
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-40933",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-17T17:20:12.025214Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-17T17:21:55.927Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://cpan.org/modules",
"defaultStatus": "unaffected",
"packageName": "Apache-AuthAny",
"product": "Apache::AuthAny",
"programFiles": [
"lib/Apache2/AuthAny/Cookie.pm"
],
"vendor": "KGOLDOV",
"versions": [
{
"lessThanOrEqual": "0.201",
"status": "affected",
"version": "0.19",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003eApache::AuthAny::Cookie v0.201 or earlier for Perl generates session ids insecurely.\u003c/div\u003e\u003cdiv\u003eSession ids are generated using an MD5 hash of the epoch time and a call to the built-in rand function. The epoch time may be guessed, if it is not leaked from the HTTP Date header. The built-in rand function is unsuitable for cryptographic usage.\u003c/div\u003e\u003cdiv\u003ePredicable session ids could allow an attacker to gain access to systems.\u003c/div\u003e"
}
],
"value": "Apache::AuthAny::Cookie v0.201 or earlier for Perl generates session ids insecurely.\n\nSession ids are generated using an MD5 hash of the epoch time and a call to the built-in rand function. The epoch time may be guessed, if it is not leaked from the HTTP Date header. The built-in rand function is unsuitable for cryptographic usage.\n\nPredicable session ids could allow an attacker to gain access to systems."
}
],
"impacts": [
{
"capecId": "CAPEC-115",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-115 Authentication Bypass"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-340",
"description": "CWE-340 Generation of Predictable Numbers or Identifiers",
"lang": "en",
"type": "CWE"
},
{
"cweId": "CWE-338",
"description": "CWE-338 Use of Cryptographically Weak Pseudo-Random Number Generator",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-17T14:25:10.826Z",
"orgId": "9b29abf9-4ab0-4765-b253-1875cd9b441e",
"shortName": "CPANSec"
},
"references": [
{
"url": "https://metacpan.org/release/KGOLDOV/Apache2-AuthAny-0.201/source/lib/Apache2/AuthAny/Cookie.pm"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Apache::AuthAny::Cookie v0.201 or earlier for Perl generates session ids insecurely",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9b29abf9-4ab0-4765-b253-1875cd9b441e",
"assignerShortName": "CPANSec",
"cveId": "CVE-2025-40933",
"datePublished": "2025-09-17T14:25:10.826Z",
"dateReserved": "2025-04-16T09:05:34.363Z",
"dateUpdated": "2025-09-17T17:21:55.927Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-40930 (GCVE-0-2025-40930)
Vulnerability from cvelistv5 – Published: 2025-09-08 15:09 – Updated: 2025-11-04 21:10
VLAI?
Summary
JSON::SIMD before version 1.07 and earlier for Perl has an integer buffer overflow causing a segfault when parsing crafted JSON, enabling denial-of-service attacks or other unspecified impact.
Severity ?
7.5 (High)
CWE
- CWE-122 - Heap-based Buffer Overflow
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| PJUHASZ | JSON::SIMD |
Affected:
0 , < 1.07
(custom)
|
Credits
Michael Hudak of rasotec
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-40930",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-08T18:48:21.552171Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-08T18:48:46.522Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-04T21:10:24.632Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2025/09/08/3"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://cpan.org/modules",
"defaultStatus": "unaffected",
"packageName": "JSON-SIMD",
"product": "JSON::SIMD",
"programFiles": [
"SIMD.xs"
],
"repo": "https://github.com/pjuhasz/JSON-SIMD",
"vendor": "PJUHASZ",
"versions": [
{
"lessThan": "1.07",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Michael Hudak of rasotec"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "JSON::SIMD before version 1.07 and earlier for Perl has an integer buffer overflow causing a segfault when parsing crafted JSON, enabling denial-of-service attacks or other unspecified impact."
}
],
"value": "JSON::SIMD before version 1.07 and earlier for Perl has an integer buffer overflow causing a segfault when parsing crafted JSON, enabling denial-of-service attacks or other unspecified impact."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122 Heap-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-08T15:09:01.179Z",
"orgId": "9b29abf9-4ab0-4765-b253-1875cd9b441e",
"shortName": "CPANSec"
},
"references": [
{
"tags": [
"related"
],
"url": "https://metacpan.org/release/PJUHASZ/JSON-SIMD-1.06/source/SIMD.xs#L248"
},
{
"tags": [
"release-notes"
],
"url": "https://metacpan.org/release/PJUHASZ/JSON-SIMD-1.07/changes"
},
{
"tags": [
"patch"
],
"url": "https://github.com/pjuhasz/JSON-SIMD/commit/9a87de7331c9fa5198cae404a83b17649cf7b918.patch"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to 1.07, or apply the provided patch"
}
],
"value": "Update to 1.07, or apply the provided patch"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "JSON::SIMD before version 1.07 and earlier for Perl has an integer buffer overflow causing a segfault when parsing crafted JSON, enabling denial-of-service attacks or other unspecified impact",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9b29abf9-4ab0-4765-b253-1875cd9b441e",
"assignerShortName": "CPANSec",
"cveId": "CVE-2025-40930",
"datePublished": "2025-09-08T15:09:01.179Z",
"dateReserved": "2025-04-16T09:05:34.363Z",
"dateUpdated": "2025-11-04T21:10:24.632Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-40929 (GCVE-0-2025-40929)
Vulnerability from cvelistv5 – Published: 2025-09-08 15:08 – Updated: 2025-11-04 21:10
VLAI?
Summary
Cpanel::JSON::XS before version 4.40 for Perl has an integer buffer overflow causing a segfault when parsing crafted JSON, enabling denial-of-service attacks or other unspecified impact
Severity ?
5.6 (Medium)
CWE
- CWE-122 - Heap-based Buffer Overflow
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| RURBAN | Cpanel::JSON::XS |
Affected:
0 , < 4.40
(custom)
|
Credits
Michael Hudak of rasotec
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-40929",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-08T19:25:39.696505Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-08T19:25:59.188Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-04T21:10:23.342Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2025/09/msg00034.html"
},
{
"url": "http://www.openwall.com/lists/oss-security/2025/09/08/1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://cpan.org/modules",
"defaultStatus": "unaffected",
"packageName": "Cpanel-JSON-XS",
"product": "Cpanel::JSON::XS",
"programFiles": [
"XS.xs"
],
"repo": "https://github.com/rurban/Cpanel-JSON-XS",
"vendor": "RURBAN",
"versions": [
{
"lessThan": "4.40",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Michael Hudak of rasotec"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Cpanel::JSON::XS before version 4.40 for Perl has an integer buffer overflow causing a segfault when parsing crafted JSON, enabling denial-of-service attacks or other unspecified impact\u003cbr\u003e"
}
],
"value": "Cpanel::JSON::XS before version 4.40 for Perl has an integer buffer overflow causing a segfault when parsing crafted JSON, enabling denial-of-service attacks or other unspecified impact"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122 Heap-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-08T15:08:52.327Z",
"orgId": "9b29abf9-4ab0-4765-b253-1875cd9b441e",
"shortName": "CPANSec"
},
"references": [
{
"tags": [
"related"
],
"url": "https://metacpan.org/release/RURBAN/Cpanel-JSON-XS-4.39/source/XS.xs#L713"
},
{
"tags": [
"release-notes"
],
"url": "https://metacpan.org/release/RURBAN/Cpanel-JSON-XS-4.40/changes"
},
{
"tags": [
"patch"
],
"url": "https://github.com/rurban/Cpanel-JSON-XS/commit/378236219eaa35742c3962ecbdee364903b0a1f2.patch"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to 4.40 or later, or apply the provided patch"
}
],
"value": "Update to 4.40 or later, or apply the provided patch"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Cpanel::JSON::XS before version 4.40 for Perl has an integer buffer overflow causing a segfault when parsing crafted JSON, enabling denial-of-service attacks or other unspecified impact",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9b29abf9-4ab0-4765-b253-1875cd9b441e",
"assignerShortName": "CPANSec",
"cveId": "CVE-2025-40929",
"datePublished": "2025-09-08T15:08:52.327Z",
"dateReserved": "2025-04-16T09:05:34.363Z",
"dateUpdated": "2025-11-04T21:10:23.342Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-40928 (GCVE-0-2025-40928)
Vulnerability from cvelistv5 – Published: 2025-09-08 15:08 – Updated: 2025-11-04 21:10
VLAI?
Summary
JSON::XS before version 4.04 for Perl has an integer buffer overflow causing a segfault when parsing crafted JSON, enabling denial-of-service attacks or other unspecified impact
Severity ?
7.5 (High)
CWE
- CWE-122 - Heap-based Buffer Overflow
Assigner
References
Credits
Michael Hudak of rasotec
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-40928",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-08T15:52:04.063980Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-08T18:47:47.992Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-04T21:10:22.058Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2025/09/msg00033.html"
},
{
"url": "http://www.openwall.com/lists/oss-security/2025/09/08/2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://cpan.org/modules",
"defaultStatus": "unaffected",
"packageName": "JSON-XS",
"product": "JSON::XS",
"programFiles": [
"XS.xs"
],
"repo": "https://cvs.schmorp.de/JSON-XS/",
"vendor": "MLEHMANN",
"versions": [
{
"lessThan": "4.04",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Michael Hudak of rasotec"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "JSON::XS before version 4.04 for Perl has an integer buffer overflow causing a segfault when parsing crafted JSON, enabling denial-of-service attacks or other unspecified impact\u003cbr\u003e"
}
],
"value": "JSON::XS before version 4.04 for Perl has an integer buffer overflow causing a segfault when parsing crafted JSON, enabling denial-of-service attacks or other unspecified impact"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122 Heap-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-08T15:08:21.860Z",
"orgId": "9b29abf9-4ab0-4765-b253-1875cd9b441e",
"shortName": "CPANSec"
},
"references": [
{
"tags": [
"related"
],
"url": "https://metacpan.org/release/MLEHMANN/JSON-XS-4.03/source/XS.xs#L256"
},
{
"tags": [
"patch"
],
"url": "https://security.metacpan.org/patches/J/JSON-XS/4.03/CVE-2025-40928-r1.patch"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to 4.04, or apply the provided patch"
}
],
"value": "Update to 4.04, or apply the provided patch"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "JSON::XS before version 4.04 for Perl has an integer buffer overflow causing a segfault when parsing crafted JSON, enabling denial-of-service attacks or other unspecified impact",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9b29abf9-4ab0-4765-b253-1875cd9b441e",
"assignerShortName": "CPANSec",
"cveId": "CVE-2025-40928",
"datePublished": "2025-09-08T15:08:21.860Z",
"dateReserved": "2025-04-16T09:05:34.363Z",
"dateUpdated": "2025-11-04T21:10:22.058Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-40927 (GCVE-0-2025-40927)
Vulnerability from cvelistv5 – Published: 2025-08-29 00:10 – Updated: 2025-08-29 13:18
VLAI?
Summary
CGI::Simple versions before 1.282 for Perl has a HTTP response splitting flaw
This vulnerability is a confirmed HTTP response splitting flaw in CGI::Simple that allows HTTP response header injection, which can be used for reflected XSS or open redirect under certain conditions.
Although some validation exists, it can be bypassed using URL-encoded values, allowing an attacker to inject untrusted content into the response via query parameters.
As a result, an attacker can inject a line break (e.g. %0A) into the parameter value, causing the server to split the HTTP response and inject arbitrary headers or even an HTML/JavaScript body, leading to reflected cross-site scripting (XSS), open redirect or other attacks.
The issue documented in CVE-2010-4410 https://www.cve.org/CVERecord?id=CVE-2010-4410 is related but the fix was incomplete.
Impact
By injecting %0A (newline) into a query string parameter, an attacker can:
* Break the current HTTP header
* Inject a new header or entire body
* Deliver a script payload that is reflected in the server’s response
That can lead to the following attacks:
* reflected XSS
* open redirect
* cache poisoning
* header manipulation
Severity ?
7.3 (High)
CWE
- CWE-113 - Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting')
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| MANWAR | CGI::Simple |
Affected:
0 , < 1.282
(custom)
|
Credits
Maxim Kosenko
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-40927",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-29T13:18:01.758812Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-29T13:18:32.704Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://cpan.org/modules",
"defaultStatus": "unaffected",
"packageName": "CGI-Simple",
"product": "CGI::Simple",
"programFiles": [
"lib/CGI/Simple.pm"
],
"repo": "https://github.com/manwar/CGI--Simple",
"vendor": "MANWAR",
"versions": [
{
"lessThan": "1.282",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Maxim Kosenko"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "CGI::Simple versions before 1.282 for Perl has a HTTP response splitting flaw\u003cbr\u003e\u003cp\u003eThis vulnerability is a \u003cstrong\u003econfirmed HTTP response splitting\u003c/strong\u003e\u0026nbsp;flaw in \u003ccode\u003eCGI::Simple\u003c/code\u003e\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ethat allows HTTP response header injection, which can be used for reflected XSS or open redirect under certain conditions\u003c/span\u003e.\u003c/p\u003e\u003cp\u003eAlthough some validation exists, it can be bypassed using URL-encoded values, allowing an attacker to inject untrusted content into the response via query parameters.\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cp\u003eAs a result, an attacker can inject a line break (e.g. \u003ccode\u003e%0A\u003c/code\u003e) into the parameter value, causing the server to split the HTTP response and inject arbitrary headers or even an HTML/JavaScript body, leading to reflected cross-site scripting (XSS), open redirect or other attacks.\u003c/p\u003e\u003cp\u003eThe issue documented in\u0026nbsp;\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.cve.org/CVERecord?id=CVE-2010-4410\"\u003eCVE-2010-4410\u003c/a\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;is related but the fix was incomplete.\u003c/span\u003e\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u003cstrong\u003eImpact\u003c/strong\u003e\u003c/p\u003e\u003cp\u003eBy injecting \u003ccode\u003e%0A\u003c/code\u003e\u0026nbsp;(newline) into a query string parameter, an attacker can:\u003c/p\u003e\u003col\u003e\u003cli\u003eBreak the current HTTP header\u003c/li\u003e\u003cli\u003eInject a new header or entire body\u003c/li\u003e\u003cli\u003eDeliver a script payload that is reflected in the server\u2019s response\u003c/li\u003e\u003c/ol\u003e\u003cp\u003eThat can lead to the following attacks:\u003c/p\u003e\u003cul\u003e\u003cli\u003ereflected XSS\u003c/li\u003e\u003cli\u003eopen redirect\u003c/li\u003e\u003cli\u003ecache poisoning\u003c/li\u003e\u003cli\u003eheader manipulation\u003c/li\u003e\u003c/ul\u003e\u003cbr\u003e"
}
],
"value": "CGI::Simple versions before 1.282 for Perl has a HTTP response splitting flaw\nThis vulnerability is a confirmed HTTP response splitting\u00a0flaw in CGI::Simple\u00a0that allows HTTP response header injection, which can be used for reflected XSS or open redirect under certain conditions.\n\nAlthough some validation exists, it can be bypassed using URL-encoded values, allowing an attacker to inject untrusted content into the response via query parameters.\n\n\n\nAs a result, an attacker can inject a line break (e.g. %0A) into the parameter value, causing the server to split the HTTP response and inject arbitrary headers or even an HTML/JavaScript body, leading to reflected cross-site scripting (XSS), open redirect or other attacks.\n\nThe issue documented in CVE-2010-4410 https://www.cve.org/CVERecord?id=CVE-2010-4410 is related but the fix was incomplete.\n\nImpact\n\nBy injecting %0A\u00a0(newline) into a query string parameter, an attacker can:\n\n * Break the current HTTP header\n * Inject a new header or entire body\n * Deliver a script payload that is reflected in the server\u2019s response\nThat can lead to the following attacks:\n\n * reflected XSS\n * open redirect\n * cache poisoning\n * header manipulation"
}
],
"impacts": [
{
"capecId": "CAPEC-34",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-34 HTTP Response Splitting"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-113",
"description": "CWE-113 Improper Neutralization of CRLF Sequences in HTTP Headers (\u0027HTTP Request/Response Splitting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-29T00:10:07.161Z",
"orgId": "9b29abf9-4ab0-4765-b253-1875cd9b441e",
"shortName": "CPANSec"
},
"references": [
{
"tags": [
"related"
],
"url": "https://metacpan.org/release/MANWAR/CGI-Simple-1.281/source/lib/CGI/Simple.pm#L1031-1035"
},
{
"tags": [
"related"
],
"url": "https://metacpan.org/release/MANWAR/CGI-Simple-1.281/diff/MANWAR/CGI-Simple-1.282/lib/CGI/Simple.pm"
},
{
"tags": [
"technical-description"
],
"url": "https://owasp.org/www-community/attacks/HTTP_Response_Splitting"
},
{
"tags": [
"technical-description"
],
"url": "https://datatracker.ietf.org/doc/html/rfc7230#section-3"
},
{
"tags": [
"related"
],
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2320"
},
{
"tags": [
"related"
],
"url": "https://rt.perl.org/Public/Bug/Display.html?id=21951"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Upgrade CGI::Simple to version 1.282 or higher"
}
],
"value": "Upgrade CGI::Simple to version 1.282 or higher"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "CGI::Simple versions 1.281 and earlier for Perl has a HTTP response splitting flaw",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9b29abf9-4ab0-4765-b253-1875cd9b441e",
"assignerShortName": "CPANSec",
"cveId": "CVE-2025-40927",
"datePublished": "2025-08-29T00:10:07.161Z",
"dateReserved": "2025-04-16T09:05:34.362Z",
"dateUpdated": "2025-08-29T13:18:32.704Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-40920 (GCVE-0-2025-40920)
Vulnerability from cvelistv5 – Published: 2025-08-11 20:19 – Updated: 2025-11-04 21:10
VLAI?
Summary
Catalyst::Authentication::Credential::HTTP versions 1.018 and earlier for Perl generate nonces using the Perl Data::UUID library.
* Data::UUID does not use a strong cryptographic source for generating UUIDs.
* Data::UUID returns v3 UUIDs, which are generated from known information and are unsuitable for security, as per RFC 9562.
* The nonces should be generated from a strong cryptographic source, as per RFC 7616.
Severity ?
8.6 (High)
CWE
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| ETHER | Catalyst::Authentication::Credential::HTTP |
Affected:
0.06 , ≤ 1.018
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-40920",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-11T20:52:17.823708Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-11T20:52:44.260Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-04T21:10:19.369Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2025/08/12/1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://cpan.org/modules",
"defaultStatus": "unaffected",
"packageName": "Catalyst-Authentication-Credential-HTTP",
"product": "Catalyst::Authentication::Credential::HTTP",
"repo": "https://github.com/perl-catalyst/Catalyst-Authentication-Credential-HTTP",
"vendor": "ETHER",
"versions": [
{
"lessThanOrEqual": "1.018",
"status": "affected",
"version": "0.06",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003eCatalyst::Authentication::Credential::HTTP versions 1.018 and earlier for Perl generate nonces using the Perl Data::UUID library.\u003cul\u003e\u003cli\u003eData::UUID does not use a strong cryptographic source for generating UUIDs.\u003c/li\u003e\u003cli\u003eData::UUID returns v3 UUIDs, which are generated from known information and are unsuitable for security, as per RFC 9562.\u003c/li\u003e\u003cli\u003eThe nonces should be generated from a strong cryptographic source, as per RFC 7616.\u003c/li\u003e\u003c/ul\u003e\u003c/div\u003e"
}
],
"value": "Catalyst::Authentication::Credential::HTTP versions 1.018 and earlier for Perl generate nonces using the Perl Data::UUID library.\n * Data::UUID does not use a strong cryptographic source for generating UUIDs.\n * Data::UUID returns v3 UUIDs, which are generated from known information and are unsuitable for security, as per RFC 9562.\n * The nonces should be generated from a strong cryptographic source, as per RFC 7616."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-340",
"description": "CWE-340 Generation of Predictable Numbers or Identifiers",
"lang": "en",
"type": "CWE"
},
{
"cweId": "CWE-338",
"description": "CWE-338 Use of Cryptographically Weak Pseudo-Random Number Generator",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-28T11:49:41.169Z",
"orgId": "9b29abf9-4ab0-4765-b253-1875cd9b441e",
"shortName": "CPANSec"
},
"references": [
{
"tags": [
"patch"
],
"url": "https://security.metacpan.org/patches/C/Catalyst-Authentication-Credential-HTTP/1.018/CVE-2025-40920-r1.patch"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/perl-catalyst/Catalyst-Authentication-Credential-HTTP/pull/1"
},
{
"url": "https://metacpan.org/release/ETHER/Catalyst-Authentication-Credential-HTTP-1.018/source/lib/Catalyst/Authentication/Credential/HTTP.pm#L391"
},
{
"url": "https://datatracker.ietf.org/doc/html/rfc9562#name-security-considerations"
},
{
"url": "https://datatracker.ietf.org/doc/html/rfc7616#section-5.12"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003eUsers are advised to upgrade to Catalyst-Authentication-Credential-HTTP version 1.019 or later.\u003c/div\u003e"
}
],
"value": "Users are advised to upgrade to Catalyst-Authentication-Credential-HTTP version 1.019 or later."
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Catalyst::Authentication::Credential::HTTP versions 1.018 and earlier for Perl use insecurely generated nonces",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9b29abf9-4ab0-4765-b253-1875cd9b441e",
"assignerShortName": "CPANSec",
"cveId": "CVE-2025-40920",
"datePublished": "2025-08-11T20:19:57.516Z",
"dateReserved": "2025-04-16T09:05:34.362Z",
"dateUpdated": "2025-11-04T21:10:19.369Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-40924 (GCVE-0-2025-40924)
Vulnerability from cvelistv5 – Published: 2025-07-17 13:33 – Updated: 2025-07-17 19:53
VLAI?
Summary
Catalyst::Plugin::Session before version 0.44 for Perl generates session ids insecurely.
The session id is generated from a (usually SHA-1) hash of a simple counter, the epoch time, the built-in rand function, the PID and the current Catalyst context. This information is of low entropy. The PID will come from a small set of numbers, and the epoch time may be guessed, if it is not leaked from the HTTP Date header. The built-in rand function is unsuitable for cryptographic usage.
Predicable session ids could allow an attacker to gain access to systems.
Severity ?
6.5 (Medium)
CWE
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| HAARG | Catalyst::Plugin::Session |
Affected:
0.01 , < 0.44
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-40924",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-17T19:51:00.779304Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-17T19:53:31.346Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://cpan.org/modules",
"defaultStatus": "unaffected",
"packageName": "Catalyst-Plugin-Session",
"product": "Catalyst::Plugin::Session",
"repo": "https://github.com/perl-catalyst/Catalyst-Plugin-Session",
"vendor": "HAARG",
"versions": [
{
"lessThan": "0.44",
"status": "affected",
"version": "0.01",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003eCatalyst::Plugin::Session before version 0.44 for Perl generates session ids insecurely.\u003c/div\u003e\u003cdiv\u003eThe session id is generated from a (usually SHA-1) hash of a simple counter, the epoch time, the built-in rand function, the PID and the current Catalyst context. This information is of low entropy. The PID will come from a small set of numbers, and the epoch time may be guessed, if it is not leaked from the HTTP Date header. The built-in rand function is unsuitable for cryptographic usage.\u003c/div\u003e\u003cdiv\u003ePredicable session ids could allow an attacker to gain access to systems.\u003cbr\u003e\u003c/div\u003e"
}
],
"value": "Catalyst::Plugin::Session before version 0.44 for Perl generates session ids insecurely.\n\nThe session id is generated from a (usually SHA-1) hash of a simple counter, the epoch time, the built-in rand function, the PID and the current Catalyst context. This information is of low entropy. The PID will come from a small set of numbers, and the epoch time may be guessed, if it is not leaked from the HTTP Date header. The built-in rand function is unsuitable for cryptographic usage.\n\nPredicable session ids could allow an attacker to gain access to systems."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-340",
"description": "CWE-340 Generation of Predictable Numbers or Identifiers",
"lang": "en",
"type": "CWE"
},
{
"cweId": "CWE-338",
"description": "CWE-338 Use of Cryptographically Weak Pseudo-Random Number Generator",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-17T13:33:43.739Z",
"orgId": "9b29abf9-4ab0-4765-b253-1875cd9b441e",
"shortName": "CPANSec"
},
"references": [
{
"url": "https://metacpan.org/release/HAARG/Catalyst-Plugin-Session-0.43/source/lib/Catalyst/Plugin/Session.pm#L632"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/perl-catalyst/Catalyst-Plugin-Session/pull/5"
},
{
"tags": [
"patch"
],
"url": "https://github.com/perl-catalyst/Catalyst-Plugin-Session/commit/c0e2b4ab1e42ebce1008286db8c571b6ee98c22c.patch"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Users are advised to upgrade to Catalyst-Plugin-Session version 0.44 or later."
}
],
"value": "Users are advised to upgrade to Catalyst-Plugin-Session version 0.44 or later."
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Catalyst::Plugin::Session before version 0.44 for Perl generates session ids insecurely",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9b29abf9-4ab0-4765-b253-1875cd9b441e",
"assignerShortName": "CPANSec",
"cveId": "CVE-2025-40924",
"datePublished": "2025-07-17T13:33:43.739Z",
"dateReserved": "2025-04-16T09:05:34.362Z",
"dateUpdated": "2025-07-17T19:53:31.346Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-40913 (GCVE-0-2025-40913)
Vulnerability from cvelistv5 – Published: 2025-07-16 14:05 – Updated: 2025-07-16 20:50
VLAI?
Summary
Net::Dropbear versions through 0.16 for Perl contains a dependency that may be susceptible to an integer overflow.
Net::Dropbear embeds a version of the libtommath library that is susceptible to an integer overflow associated with CVE-2023-36328.
Severity ?
6.5 (Medium)
CWE
- CWE-1395 - Dependency on Vulnerable Third-Party Component
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| ATRODO | Net::Dropbear |
Affected:
0.01 , ≤ 0.16
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-40913",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-16T20:49:47.475976Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-16T20:50:08.893Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://cpan.org/modules",
"defaultStatus": "unaffected",
"packageName": "Net-Dropbear",
"product": "Net::Dropbear",
"repo": "https://github.com/atrodo/Net-Dropbear",
"vendor": "ATRODO",
"versions": [
{
"lessThanOrEqual": "0.16",
"status": "affected",
"version": "0.01",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003eNet::Dropbear versions through 0.16 for Perl contains a dependency that may be susceptible to an integer overflow.\u003c/div\u003e\u003cdiv\u003eNet::Dropbear\u0026nbsp;embeds a version of the libtommath library that is susceptible to an integer overflow associated with CVE-2023-36328.\u003c/div\u003e"
}
],
"value": "Net::Dropbear versions through 0.16 for Perl contains a dependency that may be susceptible to an integer overflow.\n\nNet::Dropbear\u00a0embeds a version of the libtommath library that is susceptible to an integer overflow associated with CVE-2023-36328."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1395",
"description": "CWE-1395 Dependency on Vulnerable Third-Party Component",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-16T14:05:33.899Z",
"orgId": "9b29abf9-4ab0-4765-b253-1875cd9b441e",
"shortName": "CPANSec"
},
"references": [
{
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36328"
},
{
"url": "https://github.com/libtom/libtommath/pull/546"
},
{
"url": "https://github.com/advisories/GHSA-j3xv-6967-cv88"
},
{
"url": "https://metacpan.org/release/ATRODO/Net-Dropbear-0.16/source/dropbear/libtommath/bn_mp_grow.c"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Net::Dropbear versions through 0.16 for Perl contains a dependency that may be susceptible to an integer overflow",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9b29abf9-4ab0-4765-b253-1875cd9b441e",
"assignerShortName": "CPANSec",
"cveId": "CVE-2025-40913",
"datePublished": "2025-07-16T14:05:33.899Z",
"dateReserved": "2025-04-16T09:05:34.361Z",
"dateUpdated": "2025-07-16T20:50:08.893Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-40919 (GCVE-0-2025-40919)
Vulnerability from cvelistv5 – Published: 2025-07-16 14:04 – Updated: 2025-07-16 20:49
VLAI?
Summary
Authen::DigestMD5 versions 0.01 through 0.02 for Perl generate the cnonce insecurely.
The cnonce (client nonce) is generated from an MD5 hash of the PID, the epoch time and the built-in rand function. The PID will come from a small set of numbers, and the epoch time may be guessed, if it is not leaked from the HTTP Date header. The built-in rand function is unsuitable for cryptographic usage.
According to RFC 2831, "The cnonce-value is an opaque quoted string value provided by the client and used by both client and server to avoid chosen plaintext attacks, and to provide mutual authentication. The security of the implementation depends on a good choice. It is RECOMMENDED that it contain at least 64 bits of entropy."
Severity ?
6.5 (Medium)
CWE
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SALVA | Authen::DigestMD5 |
Affected:
0.01 , ≤ 0.04
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-40919",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-16T20:49:09.619470Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-16T20:49:26.539Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://cpan.org/modules",
"defaultStatus": "unaffected",
"packageName": "Authen-DigestMD5",
"product": "Authen::DigestMD5",
"programFiles": [
"DigestMD5.pm"
],
"vendor": "SALVA",
"versions": [
{
"lessThanOrEqual": "0.04",
"status": "affected",
"version": "0.01",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003eAuthen::DigestMD5 versions 0.01 through 0.02 for Perl generate the cnonce insecurely.\u003c/div\u003e\u003cdiv\u003eThe cnonce (client nonce) is generated from an MD5 hash of the PID, the epoch time and the built-in rand function. The PID will come from a small set of numbers, and the epoch time may be guessed, if it is not leaked from the HTTP Date header. The built-in rand function is unsuitable for cryptographic usage.\u003c/div\u003e\u003cdiv\u003eAccording to RFC 2831, \u003cq\u003eThe cnonce-value is an opaque quoted string value provided by the client and used by both client and server to avoid chosen plaintext attacks, and to provide mutual authentication. The security of the implementation\n depends on a good choice. It is RECOMMENDED that it contain at least 64 bits of entropy.\u003c/q\u003e\u003c/div\u003e"
}
],
"value": "Authen::DigestMD5 versions 0.01 through 0.02 for Perl generate the cnonce insecurely.\n\nThe cnonce (client nonce) is generated from an MD5 hash of the PID, the epoch time and the built-in rand function. The PID will come from a small set of numbers, and the epoch time may be guessed, if it is not leaked from the HTTP Date header. The built-in rand function is unsuitable for cryptographic usage.\n\nAccording to RFC 2831, \"The cnonce-value is an opaque quoted string value provided by the client and used by both client and server to avoid chosen plaintext attacks, and to provide mutual authentication. The security of the implementation depends on a good choice. It is RECOMMENDED that it contain at least 64 bits of entropy.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-340",
"description": "CWE-340 Generation of Predictable Numbers or Identifiers",
"lang": "en",
"type": "CWE"
},
{
"cweId": "CWE-338",
"description": "CWE-338 Use of Cryptographically Weak Pseudo-Random Number Generator",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-16T14:04:09.443Z",
"orgId": "9b29abf9-4ab0-4765-b253-1875cd9b441e",
"shortName": "CPANSec"
},
"references": [
{
"url": "https://metacpan.org/release/SALVA/Authen-DigestMD5-0.01/source/DigestMD5.pm#L126"
},
{
"url": "https://datatracker.ietf.org/doc/html/rfc2831"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Authen::DigestMD5 versions 0.01 through 0.04 for Perl generate the cnonce insecurely",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9b29abf9-4ab0-4765-b253-1875cd9b441e",
"assignerShortName": "CPANSec",
"cveId": "CVE-2025-40919",
"datePublished": "2025-07-16T14:04:09.443Z",
"dateReserved": "2025-04-16T09:05:34.362Z",
"dateUpdated": "2025-07-16T20:49:26.539Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-40918 (GCVE-0-2025-40918)
Vulnerability from cvelistv5 – Published: 2025-07-16 14:00 – Updated: 2025-11-04 21:10
VLAI?
Summary
Authen::SASL::Perl::DIGEST_MD5 versions 2.04 through 2.1800 for Perl generates the cnonce insecurely.
The cnonce (client nonce) is generated from an MD5 hash of the PID, the epoch time and the built-in rand function. The PID will come from a small set of numbers, and the epoch time may be guessed, if it is not leaked from the HTTP Date header. The built-in rand function is unsuitable for cryptographic usage.
According to RFC 2831, The cnonce-value is an opaque quoted string value provided by the client and used by both client and server to avoid chosen plaintext attacks, and to provide mutual authentication. The security of the implementation
depends on a good choice. It is RECOMMENDED that it contain at least 64 bits of entropy.
Severity ?
6.5 (Medium)
CWE
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| EHUELS | Authen::SASL::Perl::DIGEST_MD5 |
Affected:
2.04 , ≤ 2.1800
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-40918",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-16T20:48:38.205622Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-16T20:48:52.853Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-04T21:10:18.064Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2025/07/16/5"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://cpan.org/modules",
"defaultStatus": "unaffected",
"packageName": "Authen-SASL",
"product": "Authen::SASL::Perl::DIGEST_MD5",
"programFiles": [
"DIGEST_MD5.pm"
],
"repo": "https://github.com/gbarr/perl-authen-sasl",
"vendor": "EHUELS",
"versions": [
{
"lessThanOrEqual": "2.1800",
"status": "affected",
"version": "2.04",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003eAuthen::SASL::Perl::DIGEST_MD5 versions 2.04 through 2.1800 for Perl generates the cnonce insecurely.\u003c/div\u003e\u003cdiv\u003eThe cnonce (client nonce) is generated from an MD5 hash of the PID, the epoch time and the built-in rand function. The PID will come from a small set of numbers, and the epoch time may be guessed, if it is not leaked from the HTTP Date header. The built-in rand function is unsuitable for cryptographic usage.\u003c/div\u003e\u003cdiv\u003eAccording to RFC 2831, \u003cq\u003eThe cnonce-value is an opaque quoted string value provided by the client and used by both client and server to avoid chosen plaintext attacks, and to provide mutual authentication. The security of the implementation\n depends on a good choice. It is RECOMMENDED that it contain at least 64 bits of entropy.\u003c/q\u003e\u003c/div\u003e"
}
],
"value": "Authen::SASL::Perl::DIGEST_MD5 versions 2.04 through 2.1800 for Perl generates the cnonce insecurely.\n\nThe cnonce (client nonce) is generated from an MD5 hash of the PID, the epoch time and the built-in rand function. The PID will come from a small set of numbers, and the epoch time may be guessed, if it is not leaked from the HTTP Date header. The built-in rand function is unsuitable for cryptographic usage.\n\nAccording to RFC 2831, The cnonce-value is an opaque quoted string value provided by the client and used by both client and server to avoid chosen plaintext attacks, and to provide mutual authentication. The security of the implementation\n depends on a good choice. It is RECOMMENDED that it contain at least 64 bits of entropy."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-340",
"description": "CWE-340 Generation of Predictable Numbers or Identifiers",
"lang": "en",
"type": "CWE"
},
{
"cweId": "CWE-338",
"description": "CWE-338 Use of Cryptographically Weak Pseudo-Random Number Generator",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-07T09:08:47.396Z",
"orgId": "9b29abf9-4ab0-4765-b253-1875cd9b441e",
"shortName": "CPANSec"
},
"references": [
{
"url": "https://metacpan.org/release/EHUELS/Authen-SASL-2.1900/changes"
},
{
"url": "https://metacpan.org/dist/Authen-SASL/source/lib/Authen/SASL/Perl/DIGEST_MD5.pm#L263"
},
{
"url": "https://datatracker.ietf.org/doc/html/rfc2831"
},
{
"tags": [
"patch"
],
"url": "https://security.metacpan.org/patches/A/Authen-SASL/2.1800/CVE-2025-40918-r1.patch"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/gbarr/perl-authen-sasl/pull/22"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003eUsers should upgrade to version 2.1900 or later.\u003c/div\u003e"
}
],
"value": "Users should upgrade to version 2.1900 or later."
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Authen::SASL::Perl::DIGEST_MD5 versions 2.04 through 2.1800 for Perl generates the cnonce insecurely",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9b29abf9-4ab0-4765-b253-1875cd9b441e",
"assignerShortName": "CPANSec",
"cveId": "CVE-2025-40918",
"datePublished": "2025-07-16T14:00:12.777Z",
"dateReserved": "2025-04-16T09:05:34.361Z",
"dateUpdated": "2025-11-04T21:10:18.064Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-40923 (GCVE-0-2025-40923)
Vulnerability from cvelistv5 – Published: 2025-07-16 13:05 – Updated: 2025-11-04 21:10
VLAI?
Summary
Plack-Middleware-Session before version 0.35 for Perl generates session ids insecurely.
The default session id generator returns a SHA-1 hash seeded with the built-in rand function, the epoch time, and the PID. The PID will come from a small set of numbers, and the epoch time may be guessed, if it is not leaked from the HTTP Date header. The built-in rand function is unsuitable for cryptographic usage.
Predicable session ids could allow an attacker to gain access to systems.
Severity ?
7.3 (High)
CWE
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| MIYAGAWA | Plack::Middleware::Session |
Affected:
0.01 , < 0.35
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-40923",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-16T20:47:49.157521Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-16T20:48:17.516Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-04T21:10:20.704Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2025/07/16/4"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://cpan.org/modules",
"defaultStatus": "unaffected",
"packageName": "Plack-Middleware-Session",
"product": "Plack::Middleware::Session",
"programFiles": [
"lib/Plack/Session/State.pm"
],
"repo": "https://github.com/plack/Plack-Middleware-Session",
"vendor": "MIYAGAWA",
"versions": [
{
"lessThan": "0.35",
"status": "affected",
"version": "0.01",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003ePlack-Middleware-Session before version 0.35 for Perl generates session ids insecurely.\u003c/div\u003e\u003cdiv\u003eThe default session id generator returns a SHA-1 hash seeded with the built-in rand function, the epoch time, and the PID. The PID will come from a small set of numbers, and the epoch time may be guessed, if it is not leaked from the HTTP Date header. The built-in rand function is unsuitable for cryptographic usage.\u003c/div\u003e\u003cdiv\u003ePredicable session ids could allow an attacker to gain access to systems.\u003c/div\u003e"
}
],
"value": "Plack-Middleware-Session before version 0.35 for Perl generates session ids insecurely.\n\nThe default session id generator returns a SHA-1 hash seeded with the built-in rand function, the epoch time, and the PID. The PID will come from a small set of numbers, and the epoch time may be guessed, if it is not leaked from the HTTP Date header. The built-in rand function is unsuitable for cryptographic usage.\n\nPredicable session ids could allow an attacker to gain access to systems."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-340",
"description": "CWE-340 Generation of Predictable Numbers or Identifiers",
"lang": "en",
"type": "CWE"
},
{
"cweId": "CWE-338",
"description": "CWE-338 Use of Cryptographically Weak Pseudo-Random Number Generator",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-16T13:05:03.782Z",
"orgId": "9b29abf9-4ab0-4765-b253-1875cd9b441e",
"shortName": "CPANSec"
},
"references": [
{
"url": "https://metacpan.org/release/MIYAGAWA/Plack-Middleware-Session-0.34/source/lib/Plack/Session/State.pm#L22"
},
{
"url": "https://github.com/plack/Plack-Middleware-Session/pull/52"
},
{
"tags": [
"patch"
],
"url": "https://github.com/plack/Plack-Middleware-Session/commit/1fbfbb355e34e7f4b3906f66cf958cedadd2b9be.patch"
},
{
"url": "https://security.metacpan.org/docs/guides/random-data-for-security.html"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003eUsers are advised to upgrade to Plack-Middleware-Session v0.35 or later.\u003c/div\u003e"
}
],
"value": "Users are advised to upgrade to Plack-Middleware-Session v0.35 or later."
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Plack-Middleware-Session before version 0.35 for Perl generates session ids insecurely",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003eUsers who are unable to upgrade are advised to change the sid_generator attribute of Plack::Session::State to a function that returns a securely generated session id based on a secure source of entropy from the system.\u003c/div\u003e"
}
],
"value": "Users who are unable to upgrade are advised to change the sid_generator attribute of Plack::Session::State to a function that returns a securely generated session id based on a secure source of entropy from the system."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9b29abf9-4ab0-4765-b253-1875cd9b441e",
"assignerShortName": "CPANSec",
"cveId": "CVE-2025-40923",
"datePublished": "2025-07-16T13:05:03.782Z",
"dateReserved": "2025-04-16T09:05:34.362Z",
"dateUpdated": "2025-11-04T21:10:20.704Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-40910 (GCVE-0-2025-40910)
Vulnerability from cvelistv5 – Published: 2025-06-27 12:19 – Updated: 2025-06-27 20:06
VLAI?
Summary
Net::IP::LPM version 1.10 for Perl does not properly consider leading zero characters in IP CIDR address strings, which could allow attackers to bypass access control that is based on IP addresses.
Leading zeros are used to indicate octal numbers, which can confuse users who are intentionally using octal notation, as well as users who believe they are using decimal notation.
Severity ?
6.5 (Medium)
CWE
- CWE-1287 - Improper Validation of Specified Type of Input
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| TPODER | Net::IP::LPM |
Affected:
1.10
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-40910",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-27T20:06:14.573534Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-27T20:06:41.450Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://cpan.org/modules",
"defaultStatus": "unaffected",
"packageName": "Net-IP-LPM",
"product": "Net::IP::LPM",
"vendor": "TPODER",
"versions": [
{
"status": "affected",
"version": "1.10",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003eNet::IP::LPM version 1.10 for Perl does not properly consider leading zero characters in IP CIDR address strings, which could allow attackers to bypass access control that is based on IP addresses.\u003c/div\u003e\u003cdiv\u003eLeading zeros are used to indicate octal numbers, which can confuse users who are intentionally using octal notation, as well as users who believe they are using decimal notation.\u003cbr\u003e\u003c/div\u003e"
}
],
"value": "Net::IP::LPM version 1.10 for Perl does not properly consider leading zero characters in IP CIDR address strings, which could allow attackers to bypass access control that is based on IP addresses.\n\nLeading zeros are used to indicate octal numbers, which can confuse users who are intentionally using octal notation, as well as users who believe they are using decimal notation."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1287",
"description": "CWE-1287 Improper Validation of Specified Type of Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-27T12:30:37.219Z",
"orgId": "9b29abf9-4ab0-4765-b253-1875cd9b441e",
"shortName": "CPANSec"
},
"references": [
{
"url": "https://metacpan.org/release/TPODER/Net-IP-LPM-1.10/diff/TPODER/Net-IP-LPM-1.09/lib/Net/IP/LPM.pm"
},
{
"url": "https://blog.urth.org/2021/03/29/security-issues-in-perl-ip-address-distros/"
},
{
"tags": [
"patch"
],
"url": "https://security.metacpan.org/patches/N/Net-IP-LPM/1.10/CVE-2025-40910-r1.patch"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Net::IP::LPM version 1.10 for Perl does not properly consider leading zero characters in IP CIDR address strings, which could allow attackers to bypass access control that is based on IP addresses",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9b29abf9-4ab0-4765-b253-1875cd9b441e",
"assignerShortName": "CPANSec",
"cveId": "CVE-2025-40910",
"datePublished": "2025-06-27T12:19:59.195Z",
"dateReserved": "2025-04-16T09:05:34.361Z",
"dateUpdated": "2025-06-27T20:06:41.450Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-40916 (GCVE-0-2025-40916)
Vulnerability from cvelistv5 – Published: 2025-06-16 11:01 – Updated: 2025-06-16 13:31
VLAI?
Summary
Mojolicious::Plugin::CaptchaPNG version 1.05 for Perl uses a weak random number source for generating the captcha.
That version uses the built-in rand() function for generating the captcha text as well as image noise, which is insecure.
Severity ?
9.1 (Critical)
CWE
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| GRYPHON | Mojolicious::Plugin::CaptchaPNG |
Affected:
1.05
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-40916",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-16T13:31:12.359144Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-16T13:31:45.621Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://cpan.org/modules",
"defaultStatus": "unaffected",
"packageName": "Mojolicious-Plugin-CaptchaPNG",
"product": "Mojolicious::Plugin::CaptchaPNG",
"repo": "https://github.com/gryphonshafer/Mojo-Plugin-CaptchaPNG",
"vendor": "GRYPHON",
"versions": [
{
"status": "affected",
"version": "1.05",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003eMojolicious::Plugin::CaptchaPNG version 1.05 for Perl uses a weak random number source for generating the captcha text.\u003c/div\u003e\u003cdiv\u003eThat version uses the built-in rand() function for generating the captcha text as well as image noise, which is insecure.\u003c/div\u003e"
}
],
"value": "Mojolicious::Plugin::CaptchaPNG version 1.05 for Perl uses a weak random number source for generating the captcha.\n\nThat version uses the built-in rand() function for generating the captcha text as well as image noise, which is insecure."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-338",
"description": "CWE-338 Use of Cryptographically Weak Pseudo-Random Number Generator",
"lang": "en",
"type": "CWE"
},
{
"cweId": "CWE-804",
"description": "CWE-804 Guessable CAPTCHA",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-16T11:01:08.871Z",
"orgId": "9b29abf9-4ab0-4765-b253-1875cd9b441e",
"shortName": "CPANSec"
},
"references": [
{
"url": "https://metacpan.org/release/GRYPHON/Mojolicious-Plugin-CaptchaPNG-1.04/diff/GRYPHON/Mojolicious-Plugin-CaptchaPNG-1.05/lib/Mojolicious/Plugin/CaptchaPNG.pm"
},
{
"url": "https://metacpan.org/release/GRYPHON/Mojolicious-Plugin-CaptchaPNG-1.06/changes"
},
{
"url": "https://metacpan.org/pod/perlfunc#rand"
},
{
"url": "https://security.metacpan.org/docs/guides/random-data-for-security.html"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003eUsers should upgrade to version 1.06 or later.\u003c/div\u003e"
}
],
"value": "Users should upgrade to version 1.06 or later."
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Mojolicious::Plugin::CaptchaPNG version 1.05 for Perl uses a weak random number source for generating the captcha text",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9b29abf9-4ab0-4765-b253-1875cd9b441e",
"assignerShortName": "CPANSec",
"cveId": "CVE-2025-40916",
"datePublished": "2025-06-16T11:01:08.871Z",
"dateReserved": "2025-04-16T09:05:34.361Z",
"dateUpdated": "2025-06-16T13:31:45.621Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-4976 (GCVE-0-2022-4976)
Vulnerability from cvelistv5 – Published: 2025-06-12 00:33 – Updated: 2025-06-13 16:03
VLAI?
Summary
Archive::Unzip::Burst from 0.01 through 0.09 for Perl contains a bundled InfoZip library that is affected by several vulnerabilities.
The bundled library is affected by CVE-2014-8139, CVE-2014-8140 and CVE-2014-8141.
Severity ?
9.8 (Critical)
CWE
- CWE-1395 - Dependency on Vulnerable Third-Party Component
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| ETJ | Archive::Unzip::Burst |
Affected:
0.01 , ≤ 0.09
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-4976",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-13T15:50:26.541283Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-13T16:03:31.477Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://cpan.org/modules",
"defaultStatus": "unaffected",
"packageName": "Archive-Unzip-Burst",
"product": "Archive::Unzip::Burst",
"repo": "https://github.com/mohawk2/Archive-Unzip-Burst",
"vendor": "ETJ",
"versions": [
{
"lessThanOrEqual": "0.09",
"status": "affected",
"version": "0.01",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Archive::Unzip::Burst from 0.01 through 0.09 for Perl contains a bundled InfoZip library that is affected by several vulnerabilities.\u003cbr\u003e\u003cbr\u003eThe bundled library is affected by CVE-2014-8139, CVE-2014-8140 and CVE-2014-8141.\u003cbr\u003e"
}
],
"value": "Archive::Unzip::Burst from 0.01 through 0.09 for Perl contains a bundled InfoZip library that is affected by several vulnerabilities.\n\nThe bundled library is affected by CVE-2014-8139, CVE-2014-8140 and CVE-2014-8141."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1395",
"description": "CWE-1395 Dependency on Vulnerable Third-Party Component",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-12T00:33:13.976Z",
"orgId": "9b29abf9-4ab0-4765-b253-1875cd9b441e",
"shortName": "CPANSec"
},
"references": [
{
"tags": [
"issue-tracking"
],
"url": "https://rt.cpan.org/Public/Bug/Display.html?id=143547"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Archive::Unzip::Burst from 0.01 through 0.09 for Perl contains a bundled InfoZip library that is affected by several vulnerabilities",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9b29abf9-4ab0-4765-b253-1875cd9b441e",
"assignerShortName": "CPANSec",
"cveId": "CVE-2022-4976",
"datePublished": "2025-06-12T00:33:13.976Z",
"dateReserved": "2025-06-09T20:21:41.530Z",
"dateUpdated": "2025-06-13T16:03:31.477Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-40912 (GCVE-0-2025-40912)
Vulnerability from cvelistv5 – Published: 2025-06-11 17:48 – Updated: 2025-06-11 18:44
VLAI?
Summary
CryptX for Perl before version 0.065 contains a dependency that may be susceptible to malformed unicode.
CryptX embeds the tomcrypt library. The versions of that library in CryptX before 0.065 may be susceptible to CVE-2019-17362.
Severity ?
9.8 (Critical)
CWE
- CWE-1395 - Dependency on Vulnerable Third-Party Component
Assigner
References
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-40912",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-11T18:43:47.110889Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-11T18:44:15.223Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://cpan.org/modules",
"defaultStatus": "unaffected",
"packageName": "CryptX",
"product": "CryptX",
"programFiles": [
"src/ltc/pk/asn1/der/utf8/der_decode_utf8_string.c"
],
"repo": "https://github.com/DCIT/perl-CryptX",
"vendor": "MIK",
"versions": [
{
"lessThan": "0.065",
"status": "affected",
"version": "0.002",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003eCryptX for Perl before version 0.065 contains a dependency that may be susceptible to malformed unicode.\u003c/div\u003e\u003cdiv\u003eCryptX embeds the tomcrypt library. The versions of that library in CryptX before 0.065 may be susceptible to CVE-2019-17362.\u003c/div\u003e"
}
],
"value": "CryptX for Perl before version 0.065 contains a dependency that may be susceptible to malformed unicode.\n\nCryptX embeds the tomcrypt library. The versions of that library in CryptX before 0.065 may be susceptible to CVE-2019-17362."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1395",
"description": "CWE-1395 Dependency on Vulnerable Third-Party Component",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-11T17:48:39.344Z",
"orgId": "9b29abf9-4ab0-4765-b253-1875cd9b441e",
"shortName": "CPANSec"
},
"references": [
{
"url": "https://github.com/libtom/libtomcrypt/issues/507"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Users should update to version 0.065 or later."
}
],
"value": "Users should update to version 0.065 or later."
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "CryptX for Perl before version 0.065 contains a dependency that may be susceptible to malformed unicode",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9b29abf9-4ab0-4765-b253-1875cd9b441e",
"assignerShortName": "CPANSec",
"cveId": "CVE-2025-40912",
"datePublished": "2025-06-11T17:48:39.344Z",
"dateReserved": "2025-04-16T09:05:34.361Z",
"dateUpdated": "2025-06-11T18:44:15.223Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-40915 (GCVE-0-2025-40915)
Vulnerability from cvelistv5 – Published: 2025-06-11 17:09 – Updated: 2025-06-11 17:57
VLAI?
Summary
Mojolicious::Plugin::CSRF 1.03 for Perl uses a weak random number source for generating CSRF tokens.
That version of the module generates tokens as an MD5 of the process id, the current time, and a single call to the built-in rand() function.
Severity ?
CWE
- CWE-338 - Use of Cryptographically Weak Pseudo-Random Number Generator
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| GRYPHON | Mojolicious::Plugin::CSRF |
Affected:
1.03
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-40915",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-11T17:52:49.542565Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-11T17:57:28.026Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://cpan.org/modules",
"defaultStatus": "unaffected",
"packageName": "Mojolicious-Plugin-CSRF",
"product": "Mojolicious::Plugin::CSRF",
"repo": "https://github.com/gryphonshafer/Mojo-Plugin-CSRF",
"vendor": "GRYPHON",
"versions": [
{
"status": "affected",
"version": "1.03",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003eMojolicious::Plugin::CSRF 1.03 for Perl uses a weak random number source for generating CSRF tokens.\u003c/div\u003e\u003cdiv\u003eThat version of the module generates tokens as an MD5 of the process id, the current time, and a single call to the built-in rand() function.\u003c/div\u003e"
}
],
"value": "Mojolicious::Plugin::CSRF 1.03 for Perl uses a weak random number source for generating CSRF tokens.\n\nThat version of the module generates tokens as an MD5 of the process id, the current time, and a single call to the built-in rand() function."
}
],
"impacts": [
{
"capecId": "CAPEC-62",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-62: Cross Site Request Forgery"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-338",
"description": "CWE-338 Use of Cryptographically Weak Pseudo-Random Number Generator",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-11T17:09:50.664Z",
"orgId": "9b29abf9-4ab0-4765-b253-1875cd9b441e",
"shortName": "CPANSec"
},
"references": [
{
"url": "https://metacpan.org/release/GRYPHON/Mojolicious-Plugin-CSRF-1.04/diff/GRYPHON/Mojolicious-Plugin-CSRF-1.03"
},
{
"url": "https://metacpan.org/release/GRYPHON/Mojolicious-Plugin-CSRF-1.04/changes"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Users of version 1.03 should upgrade to 1.04."
}
],
"value": "Users of version 1.03 should upgrade to 1.04."
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Mojolicious::Plugin::CSRF 1.03 for Perl uses a weak random number source for generating CSRF tokens",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9b29abf9-4ab0-4765-b253-1875cd9b441e",
"assignerShortName": "CPANSec",
"cveId": "CVE-2025-40915",
"datePublished": "2025-06-11T17:09:50.664Z",
"dateReserved": "2025-04-16T09:05:34.361Z",
"dateUpdated": "2025-06-11T17:57:28.026Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-40914 (GCVE-0-2025-40914)
Vulnerability from cvelistv5 – Published: 2025-06-11 14:06 – Updated: 2025-06-11 14:43
VLAI?
Summary
Perl CryptX before version 0.087 contains a dependency that may be susceptible to an integer overflow.
CryptX embeds a version of the libtommath library that is susceptible to an integer overflow associated with CVE-2023-36328.
Severity ?
9.8 (Critical)
CWE
- CWE-1395 - Dependency on Vulnerable Third-Party Component
Assigner
References
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-40914",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-11T14:33:49.813767Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-11T14:43:31.248Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://cpan.org/modules",
"defaultStatus": "unaffected",
"packageName": "CryptX",
"product": "CryptX",
"programFiles": [
"src/ltm/bn_mp_grow.c"
],
"repo": "https://github.com/DCIT/perl-CryptX",
"vendor": "MIK",
"versions": [
{
"lessThanOrEqual": "0.086",
"status": "affected",
"version": "0.002",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003ePerl CryptX before version 0.087 contains a dependency that may be susceptible to an integer overflow.\u003c/div\u003e\u003cdiv\u003eCryptX embeds a version of the libtommath library that is susceptible to an integer overflow associated with CVE-2023-36328.\u003c/div\u003e"
}
],
"value": "Perl CryptX before version 0.087 contains a dependency that may be susceptible to an integer overflow.\n\nCryptX embeds a version of the libtommath library that is susceptible to an integer overflow associated with CVE-2023-36328."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1395",
"description": "CWE-1395 Dependency on Vulnerable Third-Party Component",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-11T14:06:53.418Z",
"orgId": "9b29abf9-4ab0-4765-b253-1875cd9b441e",
"shortName": "CPANSec"
},
"references": [
{
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36328"
},
{
"url": "https://github.com/libtom/libtommath/pull/546"
},
{
"url": "https://github.com/advisories/GHSA-j3xv-6967-cv88"
},
{
"url": "https://metacpan.org/release/MIK/CryptX-0.086/source/src/ltm/bn_mp_grow.c"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Users should update to version 0.087 or later"
}
],
"value": "Users should update to version 0.087 or later"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Perl CryptX before version 0.087 contains a dependency that may be susceptible to an integer overflow",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9b29abf9-4ab0-4765-b253-1875cd9b441e",
"assignerShortName": "CPANSec",
"cveId": "CVE-2025-40914",
"datePublished": "2025-06-11T14:06:53.418Z",
"dateReserved": "2025-04-16T09:05:34.361Z",
"dateUpdated": "2025-06-11T14:43:31.248Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-10007 (GCVE-0-2011-10007)
Vulnerability from cvelistv5 – Published: 2025-06-05 11:57 – Updated: 2025-06-11 12:27
VLAI?
Summary
File::Find::Rule through 0.34 for Perl is vulnerable to Arbitrary Code Execution when `grep()` encounters a crafted filename.
A file handle is opened with the 2 argument form of `open()` allowing an attacker controlled filename to provide the MODE parameter to `open()`, turning the filename into a command to be executed.
Example:
$ mkdir /tmp/poc; echo > "/tmp/poc/|id"
$ perl -MFile::Find::Rule \
-E 'File::Find::Rule->grep("foo")->in("/tmp/poc")'
uid=1000(user) gid=1000(user) groups=1000(user),100(users)
Severity ?
8.8 (High)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| RCLAMP | File::Find::Rule |
Affected:
0 , ≤ 0.34
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2011-10007",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-05T13:22:25.420367Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-05T14:06:56.992Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/richardc/perl-file-find-rule/pull/4"
}
],
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-06-06T03:23:36.825Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2025/06/msg00006.html"
},
{
"url": "http://www.openwall.com/lists/oss-security/2025/06/05/4"
},
{
"url": "http://www.openwall.com/lists/oss-security/2025/06/06/1"
},
{
"url": "http://www.openwall.com/lists/oss-security/2025/06/06/3"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://cpan.org/modules",
"defaultStatus": "unaffected",
"packageName": "File-Find-Rule",
"product": "File::Find::Rule",
"programFiles": [
"lib/File/Find/Rule.pm"
],
"programRoutines": [
{
"name": "grep"
}
],
"repo": "https://github.com/richardc/perl-file-find-rule",
"vendor": "RCLAMP",
"versions": [
{
"lessThanOrEqual": "0.34",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "File::Find::Rule through 0.34 for Perl is vulnerable to Arbitrary Code Execution when `grep()` encounters a crafted filename.\u003cbr\u003e\u003cbr\u003eA file handle is opened with the 2 argument form of `open()` allowing an attacker controlled filename to provide the MODE parameter to `open()`, turning the filename into a command to be executed.\u003cbr\u003e\u003cbr\u003eExample:\u003cbr\u003e\u003cbr\u003e\u003ctt\u003e$ mkdir /tmp/poc; echo \u0026gt; \"/tmp/poc/|id\"\u003cbr\u003e$ perl -MFile::Find::Rule \\\u003cbr\u003e\u0026nbsp; \u0026nbsp; -E \u0027File::Find::Rule-\u0026gt;grep(\"foo\")-\u0026gt;in(\"/tmp/poc\")\u0027\u003cbr\u003euid=1000(user) gid=1000(user) groups=1000(user),100(users)\u003cbr\u003e\u003c/tt\u003e\u003cbr\u003e\u003cbr\u003e"
}
],
"value": "File::Find::Rule through 0.34 for Perl is vulnerable to Arbitrary Code Execution when `grep()` encounters a crafted filename.\n\nA file handle is opened with the 2 argument form of `open()` allowing an attacker controlled filename to provide the MODE parameter to `open()`, turning the filename into a command to be executed.\n\nExample:\n\n$ mkdir /tmp/poc; echo \u003e \"/tmp/poc/|id\"\n$ perl -MFile::Find::Rule \\\n\u00a0 \u00a0 -E \u0027File::Find::Rule-\u003egrep(\"foo\")-\u003ein(\"/tmp/poc\")\u0027\nuid=1000(user) gid=1000(user) groups=1000(user),100(users)"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-11T12:27:11.870Z",
"orgId": "9b29abf9-4ab0-4765-b253-1875cd9b441e",
"shortName": "CPANSec"
},
"references": [
{
"url": "https://metacpan.org/release/RCLAMP/File-Find-Rule-0.34/source/lib/File/Find/Rule.pm#L423"
},
{
"tags": [
"issue-tracking",
"exploit"
],
"url": "https://rt.cpan.org/Public/Bug/Display.html?id=64504"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/richardc/perl-file-find-rule/pull/4"
},
{
"tags": [
"patch"
],
"url": "https://github.com/richardc/perl-file-find-rule/commit/df58128bcee4c1da78c34d7f3fe1357e575ad56f.patch"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Users should update to a fixed version such as 0.35 or later, or apply the patch provided in the references section, or use a patched version provided by their OS distribution"
}
],
"value": "Users should update to a fixed version such as 0.35 or later, or apply the patch provided in the references section, or use a patched version provided by their OS distribution"
}
],
"source": {
"discovery": "UNKNOWN"
},
"timeline": [
{
"lang": "en",
"time": "2011-01-04T23:00:00.000Z",
"value": "A bug was reported by Kevin Ryde to the upstream RT bugtracker described as \"grep() can truncate files\"."
},
{
"lang": "en",
"time": "2025-06-04T22:00:00.000Z",
"value": "CPANSec became aware of the bug and started triage. Code execution impact was confirmed, a patch was made, and the author, the distros list and additional downstream vendors were notified."
},
{
"lang": "en",
"time": "2025-06-05T15:32:01.000Z",
"value": "The author released File::Find::Rule 0.35."
}
],
"title": "File::Find::Rule through 0.34 for Perl is vulnerable to Arbitrary Code Execution when `grep()` encounters a crafted file name",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9b29abf9-4ab0-4765-b253-1875cd9b441e",
"assignerShortName": "CPANSec",
"cveId": "CVE-2011-10007",
"datePublished": "2025-06-05T11:57:58.654Z",
"dateReserved": "2025-06-05T01:05:46.861Z",
"dateUpdated": "2025-06-11T12:27:11.870Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-40908 (GCVE-0-2025-40908)
Vulnerability from cvelistv5 – Published: 2025-06-01 13:41 – Updated: 2025-06-02 03:22
VLAI?
Summary
YAML-LibYAML prior to 0.903.0 for Perl uses 2-args open, allowing existing files to be modified
Severity ?
9.1 (Critical)
CWE
- CWE-552 - Files or Directories Accessible to External Parties
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| TINITA | YAML::LibYAML |
Affected:
0 , < 0.903.0
(custom)
|
Credits
@shlomif (Shlomi Fish)
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-40908",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-02T03:22:02.219115Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-02T03:22:25.333Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://cpan.org/modules",
"defaultStatus": "unaffected",
"packageName": "YAML-LibYAML",
"product": "YAML::LibYAML",
"programFiles": [
"lib/YAML/XS.pm"
],
"repo": "https://github.com/ingydotnet/yaml-libyaml-pm",
"vendor": "TINITA",
"versions": [
{
"lessThan": "0.903.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "@shlomif (Shlomi Fish)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "YAML-LibYAML prior to 0.903.0 for Perl uses 2-args open, allowing existing files to be modified\u003cbr\u003e"
}
],
"value": "YAML-LibYAML prior to 0.903.0 for Perl uses 2-args open, allowing existing files to be modified"
}
],
"impacts": [
{
"capecId": "CAPEC-23",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-23 File Content Injection"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-552",
"description": "CWE-552 Files or Directories Accessible to External Parties",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-01T13:41:48.168Z",
"orgId": "9b29abf9-4ab0-4765-b253-1875cd9b441e",
"shortName": "CPANSec"
},
"references": [
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/ingydotnet/yaml-libyaml-pm/issues/120"
},
{
"tags": [
"patch"
],
"url": "https://github.com/ingydotnet/yaml-libyaml-pm/pull/121"
},
{
"tags": [
"patch"
],
"url": "https://github.com/ingydotnet/yaml-libyaml-pm/pull/122"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "YAML-LibYAML prior to 0.903.0 for Perl uses 2-args open, allowing existing files to be modified",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9b29abf9-4ab0-4765-b253-1875cd9b441e",
"assignerShortName": "CPANSec",
"cveId": "CVE-2025-40908",
"datePublished": "2025-06-01T13:41:48.168Z",
"dateReserved": "2025-04-16T09:05:34.360Z",
"dateUpdated": "2025-06-02T03:22:25.333Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-40909 (GCVE-0-2025-40909)
Vulnerability from cvelistv5 – Published: 2025-05-30 12:20 – Updated: 2025-11-03 18:09
VLAI?
Summary
Perl threads have a working directory race condition where file operations may target unintended paths.
If a directory handle is open at thread creation, the process-wide current working directory is temporarily changed in order to clone that handle for the new thread, which is visible from any third (or more) thread already running.
This may lead to unintended operations such as loading code or accessing files from unexpected locations, which a local attacker may be able to exploit.
The bug was introduced in commit 11a11ecf4bea72b17d250cfb43c897be1341861e and released in Perl version 5.13.6
Severity ?
5.9 (Medium)
Assigner
References
| URL | Tags | |
|---|---|---|
|
|
||
Credits
Vincent Lefevre
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-03T18:09:27.894Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2025/05/23/1"
},
{
"url": "http://www.openwall.com/lists/oss-security/2025/05/30/4"
},
{
"url": "http://www.openwall.com/lists/oss-security/2025/06/02/2"
},
{
"url": "http://www.openwall.com/lists/oss-security/2025/06/02/5"
},
{
"url": "http://www.openwall.com/lists/oss-security/2025/06/02/6"
},
{
"url": "http://www.openwall.com/lists/oss-security/2025/06/02/7"
},
{
"url": "http://www.openwall.com/lists/oss-security/2025/06/03/1"
},
{
"url": "http://seclists.org/fulldisclosure/2025/Sep/55"
},
{
"url": "http://seclists.org/fulldisclosure/2025/Sep/54"
},
{
"url": "http://seclists.org/fulldisclosure/2025/Sep/53"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-40909",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-30T14:05:00.839656Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-30T14:09:50.842Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://cpan.org/modules",
"defaultStatus": "unaffected",
"packageName": "perl",
"product": "perl",
"programRoutines": [
{
"name": "threads"
}
],
"repo": "https://github.com/perl/perl5",
"vendor": "perl",
"versions": [
{
"lessThan": "5.41.13",
"status": "affected",
"version": "5.13.6",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Vincent Lefevre"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Perl threads have a working directory race condition where file operations may target unintended paths.\u003cbr\u003e\u003cbr\u003eIf a directory handle is open at thread creation, the process-wide current working directory is temporarily changed in order to clone\u0026nbsp;that handle for the new thread, which is visible from any third (or\u0026nbsp;more) thread already running. \u003cbr\u003e\u003cbr\u003eThis may lead to unintended operations\u0026nbsp;such as loading code or accessing files from unexpected locations,\u0026nbsp;which a local attacker may be able to exploit.\u003cbr\u003e\u003cbr\u003eThe bug was introduced in commit\u0026nbsp;11a11ecf4bea72b17d250cfb43c897be1341861e and released in Perl version 5.13.6"
}
],
"value": "Perl threads have a working directory race condition where file operations may target unintended paths.\n\nIf a directory handle is open at thread creation, the process-wide current working directory is temporarily changed in order to clone\u00a0that handle for the new thread, which is visible from any third (or\u00a0more) thread already running. \n\nThis may lead to unintended operations\u00a0such as loading code or accessing files from unexpected locations,\u00a0which a local attacker may be able to exploit.\n\nThe bug was introduced in commit\u00a011a11ecf4bea72b17d250cfb43c897be1341861e and released in Perl version 5.13.6"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-689",
"description": "CWE-689 Permission Race Condition During Resource Copy",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-426",
"description": "CWE-426 Untrusted Search Path",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-05T13:24:00.827Z",
"orgId": "9b29abf9-4ab0-4765-b253-1875cd9b441e",
"shortName": "CPANSec"
},
"references": [
{
"tags": [
"patch"
],
"url": "https://github.com/Perl/perl5/commit/918bfff86ca8d6d4e4ec5b30994451e0bd74aba9.patch"
},
{
"tags": [
"mailing-list",
"exploit"
],
"url": "https://www.openwall.com/lists/oss-security/2025/05/22/2"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/Perl/perl5/issues/23010"
},
{
"tags": [
"related"
],
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098226"
},
{
"tags": [
"related"
],
"url": "https://github.com/Perl/perl5/issues/10387"
},
{
"tags": [
"related"
],
"url": "https://perldoc.perl.org/5.14.0/perl5136delta#Directory-handles-not-copied-to-threads"
},
{
"tags": [
"related"
],
"url": "https://github.com/Perl/perl5/commit/11a11ecf4bea72b17d250cfb43c897be1341861e"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update perl to an unaffected version, or apply the patch provided in the references section."
}
],
"value": "Update perl to an unaffected version, or apply the patch provided in the references section."
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Perl threads have a working directory race condition where file operations may target unintended paths",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9b29abf9-4ab0-4765-b253-1875cd9b441e",
"assignerShortName": "CPANSec",
"cveId": "CVE-2025-40909",
"datePublished": "2025-05-30T12:20:11.237Z",
"dateReserved": "2025-04-16T09:05:34.360Z",
"dateUpdated": "2025-11-03T18:09:27.894Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2020-36846 (GCVE-0-2020-36846)
Vulnerability from cvelistv5 – Published: 2025-05-30 00:50 – Updated: 2025-05-30 22:01
VLAI?
Summary
A buffer overflow, as described in CVE-2020-8927, exists in the embedded Brotli library. Versions of IO::Compress::Brotli prior to 0.007 included a version of the brotli library prior to version 1.0.8, where an attacker controlling the input length of a "one-shot" decompression request to a script can trigger a crash, which happens when copying over chunks of data larger than 2 GiB. It is recommended to update your IO::Compress::Brotli module to 0.007 or later. If one cannot update, we recommend to use the "streaming" API as opposed to the "one-shot" API, and impose chunk size limits.
Severity ?
9.8 (Critical)
CWE
- CWE-1395 - Dependency on Vulnerable Third-Party Component
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| TIMLEGGE | IO::Compress::Brotli |
Affected:
0 , < 0.007
(custom)
|
Credits
Robert Rothenberg (RRWO)
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2020-36846",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-30T14:40:47.592851Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-30T22:01:41.998Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://cpan.org/modules",
"defaultStatus": "unaffected",
"packageName": "IO-Compress-Brotli",
"product": "IO::Compress::Brotli",
"programFiles": [
"brotli/c/dec/bit_reader.h"
],
"repo": "https://github.com/timlegge/perl-IO-Compress-Brotli",
"vendor": "TIMLEGGE",
"versions": [
{
"lessThan": "0.007",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Robert Rothenberg (RRWO)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A buffer overflow, as described in CVE-2020-8927, exists in the embedded Brotli library.\u0026nbsp; Versions of IO::Compress::Brotli prior to 0.007 included a version of the brotli library prior to version 1.0.8, where an attacker controlling the input length of a \"one-shot\" decompression request to a script can trigger a crash, which happens when copying over chunks of data larger than 2 GiB. It is recommended to update your IO::Compress::Brotli module to 0.007\u0026nbsp;or later. If one cannot update, we recommend to use the \"streaming\" API as opposed to the \"one-shot\" API, and impose chunk size limits."
}
],
"value": "A buffer overflow, as described in CVE-2020-8927, exists in the embedded Brotli library.\u00a0 Versions of IO::Compress::Brotli prior to 0.007 included a version of the brotli library prior to version 1.0.8, where an attacker controlling the input length of a \"one-shot\" decompression request to a script can trigger a crash, which happens when copying over chunks of data larger than 2 GiB. It is recommended to update your IO::Compress::Brotli module to 0.007\u00a0or later. If one cannot update, we recommend to use the \"streaming\" API as opposed to the \"one-shot\" API, and impose chunk size limits."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1395",
"description": "CWE-1395 Dependency on Vulnerable Third-Party Component",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-30T00:50:28.582Z",
"orgId": "9b29abf9-4ab0-4765-b253-1875cd9b441e",
"shortName": "CPANSec"
},
"references": [
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/google/brotli/pull/826"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://github.com/advisories/GHSA-5v8v-66v8-mwm7"
},
{
"tags": [
"mitigation"
],
"url": "https://github.com/timlegge/perl-IO-Compress-Brotli/blob/8b44c83b23bb4658179e1494af4b725a1bc476bc/Changes#L52"
},
{
"tags": [
"vdb-entry"
],
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8927"
},
{
"tags": [
"patch"
],
"url": "https://github.com/google/brotli/commit/223d80cfbec8fd346e32906c732c8ede21f0cea6"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "IO::Compress::Brotli versions prior to 0.007 for Perl have an integer overflow in the bundled Brotli C library",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9b29abf9-4ab0-4765-b253-1875cd9b441e",
"assignerShortName": "CPANSec",
"cveId": "CVE-2020-36846",
"datePublished": "2025-05-30T00:50:28.582Z",
"dateReserved": "2025-05-28T01:44:05.054Z",
"dateUpdated": "2025-05-30T22:01:41.998Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-40911 (GCVE-0-2025-40911)
Vulnerability from cvelistv5 – Published: 2025-05-27 21:17 – Updated: 2025-05-28 13:56
VLAI?
Summary
Net::CIDR::Set versions 0.10 through 0.13 for Perl does not properly handle leading zero characters in IP CIDR address strings, which could allow attackers to bypass access control that is based on IP addresses.
Leading zeros are used to indicate octal numbers, which can confuse users who are intentionally using octal notation, as well as users who believe they are using decimal notation.
Net::CIDR::Set used code from Net::CIDR::Lite, which had a similar vulnerability CVE-2021-47154.
Severity ?
6.5 (Medium)
CWE
- CWE-1287 - Improper Validation of Specified Type of Input
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| RRWO | Net::CIDR::Set |
Affected:
0.10 , ≤ 0.13
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-40911",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-28T13:38:44.822895Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-28T13:56:12.480Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://cpan.org/modules",
"defaultStatus": "unaffected",
"packageName": "Net-CIDR-Set",
"product": "Net::CIDR::Set",
"repo": "https://github.com/robrwo/perl-Net-CIDR-Set",
"vendor": "RRWO",
"versions": [
{
"lessThanOrEqual": "0.13",
"status": "affected",
"version": "0.10",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Net::CIDR::Set versions 0.10 through 0.13 for Perl does not properly handle leading zero characters in IP CIDR address strings, which could allow attackers to bypass access control that is based on IP addresses.\u003cbr\u003e\u003cbr\u003eLeading zeros are used to indicate octal numbers, which can confuse users who are intentionally using octal notation, as well as users who believe they are using decimal notation.\u003cbr\u003e\u003cbr\u003eNet::CIDR::Set used code from Net::CIDR::Lite, which had a similar vulnerability CVE-2021-47154."
}
],
"value": "Net::CIDR::Set versions 0.10 through 0.13 for Perl does not properly handle leading zero characters in IP CIDR address strings, which could allow attackers to bypass access control that is based on IP addresses.\n\nLeading zeros are used to indicate octal numbers, which can confuse users who are intentionally using octal notation, as well as users who believe they are using decimal notation.\n\nNet::CIDR::Set used code from Net::CIDR::Lite, which had a similar vulnerability CVE-2021-47154."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1287",
"description": "CWE-1287 Improper Validation of Specified Type of Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-27T21:17:42.238Z",
"orgId": "9b29abf9-4ab0-4765-b253-1875cd9b441e",
"shortName": "CPANSec"
},
"references": [
{
"tags": [
"release-notes"
],
"url": "https://metacpan.org/release/RRWO/Net-CIDR-Set-0.14/changes"
},
{
"tags": [
"patch"
],
"url": "https://github.com/robrwo/perl-Net-CIDR-Set/commit/be7d91e8446ad8013b08b4be313d666dab003a8a.patch"
},
{
"tags": [
"related"
],
"url": "https://blog.urth.org/2021/03/29/security-issues-in-perl-ip-address-distros/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to version 0.14, or apply the patch provided by the module author."
}
],
"value": "Update to version 0.14, or apply the patch provided by the module author."
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Net::CIDR::Set versions 0.10 through 0.13 for Perl does not properly consider leading zero characters in IP CIDR address strings, which could allow attackers to bypass access control that is based on IP addresses",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9b29abf9-4ab0-4765-b253-1875cd9b441e",
"assignerShortName": "CPANSec",
"cveId": "CVE-2025-40911",
"datePublished": "2025-05-27T21:17:42.238Z",
"dateReserved": "2025-04-16T09:05:34.361Z",
"dateUpdated": "2025-05-28T13:56:12.480Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-40906 (GCVE-0-2025-40906)
Vulnerability from cvelistv5 – Published: 2025-05-16 15:15 – Updated: 2025-09-09 13:54
VLAI?
Summary
BSON::XS versions 0.8.4 and earlier for Perl includes a bundled libbson 1.1.7, which has several vulnerabilities.
Those include CVE-2017-14227, CVE-2018-16790, CVE-2023-0437, CVE-2024-6381, CVE-2024-6383, and CVE-2025-0755.
BSON-XS was the official Perl XS implementation of MongoDB's BSON serialization, but this distribution has reached its end of life as of August 13, 2020 and is no longer supported.
Severity ?
9.8 (Critical)
CWE
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-40906",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-17T02:38:23.781160Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-09T13:54:31.287Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://cpan.org/modules",
"defaultStatus": "unaffected",
"packageName": "BSON-XS",
"product": "BSON::XS",
"repo": "https://github.com/mongodb-labs/mongo-perl-bson-xs",
"vendor": "MONGODB",
"versions": [
{
"lessThanOrEqual": "0.8.4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "BSON::XS versions 0.8.4 and earlier for Perl includes a bundled libbson 1.1.7, which has several vulnerabilities.\u003cbr\u003e\u003cbr\u003eThose include CVE-2017-14227, CVE-2018-16790, CVE-2023-0437, CVE-2024-6381, CVE-2024-6383, and CVE-2025-0755. \u003cbr\u003e\u003cbr\u003eBSON-XS was the official Perl XS implementation of MongoDB\u0027s BSON serialization, but this distribution has reached its end of life as of August 13, 2020 and is no longer supported.\u003cbr\u003e"
}
],
"value": "BSON::XS versions 0.8.4 and earlier for Perl includes a bundled libbson 1.1.7, which has several vulnerabilities.\n\nThose include CVE-2017-14227, CVE-2018-16790, CVE-2023-0437, CVE-2024-6381, CVE-2024-6383, and CVE-2025-0755. \n\nBSON-XS was the official Perl XS implementation of MongoDB\u0027s BSON serialization, but this distribution has reached its end of life as of August 13, 2020 and is no longer supported."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1395",
"description": "CWE-1395 Dependency on Vulnerable Third-Party Component",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-1104",
"description": "CWE-1104 Use of Unmaintained Third Party Components",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122 Heap-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-190",
"description": "CWE-190 Integer Overflow or Wraparound",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-05T13:22:22.125Z",
"orgId": "9b29abf9-4ab0-4765-b253-1875cd9b441e",
"shortName": "CPANSec"
},
"references": [
{
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00012.html"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://www.mongodb.com/community/forums/t/mongodb-perl-driver-end-of-life/7890"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Manually remove the bundled version of libbson, update the \"bson\" folder with an up-to-date version of libbson\u0027s source code and try building against it."
}
],
"value": "Manually remove the bundled version of libbson, update the \"bson\" folder with an up-to-date version of libbson\u0027s source code and try building against it."
},
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Consider using a security patched version of BSON::XS from a downstream packager or OS distribution."
}
],
"value": "Consider using a security patched version of BSON::XS from a downstream packager or OS distribution."
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "BSON::XS versions 0.8.4 and earlier for Perl includes a bundled libbson 1.1.7, which has several vulnerabilities",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9b29abf9-4ab0-4765-b253-1875cd9b441e",
"assignerShortName": "CPANSec",
"cveId": "CVE-2025-40906",
"datePublished": "2025-05-16T15:15:49.810Z",
"dateReserved": "2025-04-16T09:05:34.360Z",
"dateUpdated": "2025-09-09T13:54:31.287Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-40907 (GCVE-0-2025-40907)
Vulnerability from cvelistv5 – Published: 2025-05-16 13:03 – Updated: 2025-09-05 13:23
VLAI?
Summary
FCGI versions 0.44 through 0.82, for Perl, include a vulnerable version of the FastCGI fcgi2 (aka fcgi) library.
The included FastCGI library is affected by CVE-2025-23016, causing an integer overflow (and resultant heap-based buffer overflow) via crafted nameLen or valueLen values in data to the IPC socket. This occurs in ReadParams in fcgiapp.c.
Severity ?
5.3 (Medium)
CWE
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Credits
Synacktiv
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-40907",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-16T15:07:46.084885Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-16T15:09:00.138Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://cpan.org/modules",
"defaultStatus": "unaffected",
"packageName": "FCGI",
"product": "FCGI",
"programFiles": [
"libfcgi/fcgiapp.c"
],
"programRoutines": [
{
"name": "ReadParams()"
}
],
"repo": "https://github.com/FastCGI-Archives/fcgi2",
"vendor": "ETHER",
"versions": [
{
"lessThanOrEqual": "0.82",
"status": "affected",
"version": "0.44",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Synacktiv"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "FCGI versions 0.44 through 0.82, for Perl, include a vulnerable version of the FastCGI fcgi2 (aka fcgi) library.\u003cbr\u003e\u003cbr\u003eThe included FastCGI library is affected by CVE-2025-23016, causing an integer overflow (and resultant heap-based buffer overflow) via crafted nameLen or valueLen values in data to the IPC socket. This occurs in ReadParams in fcgiapp.c.\u003cbr\u003e"
}
],
"value": "FCGI versions 0.44 through 0.82, for Perl, include a vulnerable version of the FastCGI fcgi2 (aka fcgi) library.\n\nThe included FastCGI library is affected by CVE-2025-23016, causing an integer overflow (and resultant heap-based buffer overflow) via crafted nameLen or valueLen values in data to the IPC socket. This occurs in ReadParams in fcgiapp.c."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A proof of concept exploit for the underlying library exists at\u0026nbsp;\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.synacktiv.com/en/publications/cve-2025-23016-exploiting-the-fastcgi-library#exploitation\"\u003ehttps://www.synacktiv.com/en/publications/cve-2025-23016-exploiting-the-fastcgi-library#exploitation\u003c/a\u003e"
}
],
"value": "A proof of concept exploit for the underlying library exists at\u00a0 https://www.synacktiv.com/en/publications/cve-2025-23016-exploiting-the-fastcgi-library#exploitation"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1395",
"description": "CWE-1395: Dependency on Vulnerable Third-Party Component",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-190",
"description": "CWE-190 Integer Overflow or Wraparound",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122 Heap-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-05T13:23:05.630Z",
"orgId": "9b29abf9-4ab0-4765-b253-1875cd9b441e",
"shortName": "CPANSec"
},
"references": [
{
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2025/04/23/4"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/FastCGI-Archives/fcgi2/issues/67"
},
{
"tags": [
"patch"
],
"url": "https://github.com/FastCGI-Archives/fcgi2/releases/tag/2.4.5"
},
{
"tags": [
"technical-description"
],
"url": "https://www.synacktiv.com/en/publications/cve-2025-23016-exploiting-the-fastcgi-library"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/perl-catalyst/FCGI/issues/14"
},
{
"tags": [
"patch"
],
"url": "https://patch-diff.githubusercontent.com/raw/FastCGI-Archives/fcgi2/pull/74.patch"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "FCGI versions 0.44 through 0.82, for Perl, include a vulnerable version of the FastCGI fcgi2 (aka fcgi) library",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Updating to version 2.4.5 of the included fcgi2 library and rebuilding the Perl module will protect against the vulnerability.\u003cbr\u003e\u003cbr\u003eWe also recommend limiting potential remote access to the FastCGI socket by declaring it as a UNIX socket.\u003cbr\u003e\u003cbr\u003e\u003cbr\u003e"
}
],
"value": "Updating to version 2.4.5 of the included fcgi2 library and rebuilding the Perl module will protect against the vulnerability.\n\nWe also recommend limiting potential remote access to the FastCGI socket by declaring it as a UNIX socket."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9b29abf9-4ab0-4765-b253-1875cd9b441e",
"assignerShortName": "CPANSec",
"cveId": "CVE-2025-40907",
"datePublished": "2025-05-16T13:03:02.774Z",
"dateReserved": "2025-04-16T09:05:34.360Z",
"dateUpdated": "2025-09-05T13:23:05.630Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-58134 (GCVE-0-2024-58134)
Vulnerability from cvelistv5 – Published: 2025-05-03 16:08 – Updated: 2025-10-20 20:09
VLAI?
Summary
Mojolicious versions from 0.999922 for Perl uses a hard coded string, or the application's class name, as an HMAC session cookie secret by default.
These predictable default secrets can be exploited by an attacker to forge session cookies. An attacker who knows or guesses the secret could compute valid HMAC signatures for the session cookie, allowing them to tamper with or hijack another user’s session.
Severity ?
8.1 (High)
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SRI | Mojolicious |
Affected:
0.999922 , ≤ *
(custom)
|
Credits
Antoine Cervoise from Synacktiv
Jakub Kramarz
Lukas Atkinson
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-58134",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-12T15:57:49.444238Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-12T16:00:28.464Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://cpan.org/modules",
"defaultStatus": "unaffected",
"packageName": "Mojolicious",
"product": "Mojolicious",
"programFiles": [
"lib/Mojolicious.pm"
],
"programRoutines": [
{
"name": "secrets()"
}
],
"repo": "https://github.com/mojolicious/mojo",
"vendor": "SRI",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0.999922",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "analyst",
"value": "Antoine Cervoise from Synacktiv"
},
{
"lang": "en",
"type": "analyst",
"value": "Jakub Kramarz"
},
{
"lang": "en",
"type": "analyst",
"value": "Lukas Atkinson"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Mojolicious versions from 0.999922 for Perl uses a hard coded string, or the application\u0027s class name, as an HMAC session cookie secret by default.\u003cbr\u003e\u003cbr\u003eThese predictable default secrets can be exploited by an attacker to forge session cookies.\u0026nbsp; An attacker who knows or guesses the secret could compute valid HMAC signatures for the session cookie, allowing them to tamper with or hijack another user\u2019s session.\u003cbr\u003e"
}
],
"value": "Mojolicious versions from 0.999922 for Perl uses a hard coded string, or the application\u0027s class name, as an HMAC session cookie secret by default.\n\nThese predictable default secrets can be exploited by an attacker to forge session cookies.\u00a0 An attacker who knows or guesses the secret could compute valid HMAC signatures for the session cookie, allowing them to tamper with or hijack another user\u2019s session."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-321",
"description": "CWE-321 Use of Hard-coded Cryptographic Key",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-331",
"description": "CWE-331 Insufficient Entropy",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-20T20:09:00.882Z",
"orgId": "9b29abf9-4ab0-4765-b253-1875cd9b441e",
"shortName": "CPANSec"
},
"references": [
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/mojolicious/mojo/pull/1791"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/mojolicious/mojo/pull/2200"
},
{
"tags": [
"technical-description"
],
"url": "https://www.synacktiv.com/publications/baking-mojolicious-cookies"
},
{
"tags": [
"technical-description"
],
"url": "https://medium.com/securing/baking-mojolicious-cookies-revisited-a-case-study-of-solving-security-problems-through-security-by-13da7c225802"
},
{
"tags": [
"related"
],
"url": "https://metacpan.org/release/SRI/Mojolicious-9.39/source/lib/Mojolicious.pm#L51"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/hashcat/hashcat/pull/4090"
},
{
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-perl/2025/05/msg00016.html"
},
{
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-perl/2025/05/msg00017.html"
},
{
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-perl/2025/05/msg00018.html"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/mojolicious/mojo/pull/2252"
},
{
"tags": [
"technical-description"
],
"url": "https://docs.mojolicious.org/Mojolicious/Guides/FAQ#What-does-Your-secret-passphrase-needs-to-be-changed-mean"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Mojolicious versions from 0.999922 for Perl uses a hard coded string, or the application\u0027s class name, as an HMAC session cookie secret by default",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Ensure that your Mojolicious application uses a unique secret of at least 128 bit of cryptographically secure random data. For example, to generate a 256 bit secret, one could use the output generated by the \"openssl rand -base64 32\" command.\u003cbr\u003e"
}
],
"value": "Ensure that your Mojolicious application uses a unique secret of at least 128 bit of cryptographically secure random data. For example, to generate a 256 bit secret, one could use the output generated by the \"openssl rand -base64 32\" command."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9b29abf9-4ab0-4765-b253-1875cd9b441e",
"assignerShortName": "CPANSec",
"cveId": "CVE-2024-58134",
"datePublished": "2025-05-03T16:08:55.042Z",
"dateReserved": "2025-04-07T16:06:37.226Z",
"dateUpdated": "2025-10-20T20:09:00.882Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-58135 (GCVE-0-2024-58135)
Vulnerability from cvelistv5 – Published: 2025-05-03 10:16 – Updated: 2025-10-20 20:09
VLAI?
Summary
Mojolicious versions from 7.28 for Perl will generate weak HMAC session cookie secrets via "mojo generate app" by default
When creating a default app skeleton with the "mojo generate app" tool, a weak secret is written to the application's configuration file using the insecure rand() function, and used for authenticating and protecting the integrity of the application's sessions. This may allow an attacker to brute force the application's session keys.
Severity ?
5.3 (Medium)
CWE
- CWE-338 - Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SRI | Mojolicious |
Affected:
7.28 , ≤ *
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-58135",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-05T17:58:51.652027Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-338",
"description": "CWE-338 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-07T19:06:35.967Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://cpan.org/modules",
"defaultStatus": "unaffected",
"packageName": "Mojolicious",
"product": "Mojolicious",
"programFiles": [
"lib/Mojolicious/Command/Author/generate/app.pm",
"lib/Mojo/Util.pm",
"lib/Mojolicious/Command/generate/app.pm"
],
"programRoutines": [
{
"name": "Mojolicious::Command::Author::generate::app::run()"
},
{
"name": "Mojo::Util::generate_secret()"
}
],
"repo": "https://github.com/mojolicious/mojo",
"vendor": "SRI",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "7.28",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Mojolicious versions from 7.28 for Perl will generate weak HMAC session cookie secrets via \"mojo generate app\" by default\u003cbr\u003e\u003cbr\u003eWhen creating a default app skeleton with the \"mojo generate app\" tool, a weak secret is written to the application\u0027s configuration file using the insecure rand() function, and used for authenticating and protecting the integrity of the application\u0027s sessions. This may allow an attacker to brute force the application\u0027s session keys.\u003cbr\u003e"
}
],
"value": "Mojolicious versions from 7.28 for Perl will generate weak HMAC session cookie secrets via \"mojo generate app\" by default\n\nWhen creating a default app skeleton with the \"mojo generate app\" tool, a weak secret is written to the application\u0027s configuration file using the insecure rand() function, and used for authenticating and protecting the integrity of the application\u0027s sessions. This may allow an attacker to brute force the application\u0027s session keys."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-338",
"description": "CWE-338 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-20T20:09:18.816Z",
"orgId": "9b29abf9-4ab0-4765-b253-1875cd9b441e",
"shortName": "CPANSec"
},
"references": [
{
"tags": [
"related"
],
"url": "https://perldoc.perl.org/functions/rand"
},
{
"tags": [
"related"
],
"url": "https://metacpan.org/release/SRI/Mojolicious-9.39/source/lib/Mojo/Util.pm#L181"
},
{
"tags": [
"related"
],
"url": "https://metacpan.org/release/SRI/Mojolicious-9.38/source/lib/Mojolicious/Command/Author/generate/app.pm#L202"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/mojolicious/mojo/pull/2200"
},
{
"tags": [
"related"
],
"url": "https://metacpan.org/release/SRI/Mojolicious-7.28/source/lib/Mojolicious/Command/generate/app.pm#L220"
},
{
"tags": [
"technical-description"
],
"url": "https://security.metacpan.org/docs/guides/random-data-for-security.html"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/hashcat/hashcat/pull/4090"
},
{
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-perl/2025/05/msg00016.html"
},
{
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-perl/2025/05/msg00017.html"
},
{
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-perl/2025/05/msg00018.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Mojolicious versions from 7.28 for Perl will generate weak HMAC session cookie secrets via \"mojo generate app\" by default",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Ensure that your secret, stored in the application\u0027s configuration file, is at least 128 bit of cryptographically secure random data. For example, to generate a 256 bit secret, one could use the output generated by the \"openssl rand -base64 32\" command."
}
],
"value": "Ensure that your secret, stored in the application\u0027s configuration file, is at least 128 bit of cryptographically secure random data. For example, to generate a 256 bit secret, one could use the output generated by the \"openssl rand -base64 32\" command."
},
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "As of version 9.39 of Mojolicious, if the optional CryptX distribution version 0.080 or later is available in the include path before calling the \"mojo generate app\" tool, then a secure 1024 bit long secret will be generated.\u003cbr\u003e"
}
],
"value": "As of version 9.39 of Mojolicious, if the optional CryptX distribution version 0.080 or later is available in the include path before calling the \"mojo generate app\" tool, then a secure 1024 bit long secret will be generated."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9b29abf9-4ab0-4765-b253-1875cd9b441e",
"assignerShortName": "CPANSec",
"cveId": "CVE-2024-58135",
"datePublished": "2025-05-03T10:16:10.636Z",
"dateReserved": "2025-04-07T16:06:37.226Z",
"dateUpdated": "2025-10-20T20:09:18.816Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}