HTTP-Session2 Security Advisories - Cpan | Ecosyste.ms: Advisories

HTTP-Session2

HTTP session management

View on github.com · View on metacpan.org

Security Advisories for HTTP-Session2 in cpan

4 months ago

HTTP::Session2 versions before 1.12 for Perl for Perl may generate weak session ids using the rand() function. The HTTP::Session2 session id generator returns a SHA-1 hash seeded with the built-in rand function, the epoch time, and the PID. The PID wi... CPANSA-HTTP-Session2-2026-3255

cpan HTTP-Session2

Critical

over 8 years ago

HTTP::Session2 1.09 does not validate session id, this causes RCE depending on the session store you use. CPANSA-HTTP-Session2-2018-01

cpan HTTP-Session2

Filter by Severity