CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-58135

Mojolicious versions from 7.28 through 9.45 for Perl will generate weak HMAC session cookie secrets via "mojo generate app" by default. When creating a default app skeleton with the "mojo generate app" tool, a weak secret is written to the application's configuration file using the insecure rand() function, and used for authenticating and protecting the integrity of the application's sessions. This may allow an attacker to brute force the application's session keys. Release 9.46 fixes the issue by providing high quality randomness, even in absence of CryptX. Users should be aware that the update does not replace previously generated weak secrets. A secret generated with the previous version MUST be replaced to ensure the updated version is using a strong secret.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 36.0%

CVSS Severity

CVSS v3 Score 5.3

References

Products affected by CVE-2024-58135

Mojolicious » Mojolicious » Version: 7.28

cpe:2.3:a:mojolicious:mojolicious:7.28
Mojolicious » Mojolicious » Version: 7.29

cpe:2.3:a:mojolicious:mojolicious:7.29
Mojolicious » Mojolicious » Version: 7.30

cpe:2.3:a:mojolicious:mojolicious:7.30
Mojolicious » Mojolicious » Version: 7.31

cpe:2.3:a:mojolicious:mojolicious:7.31
Mojolicious » Mojolicious » Version: 7.32

cpe:2.3:a:mojolicious:mojolicious:7.32
Mojolicious » Mojolicious » Version: 7.33

cpe:2.3:a:mojolicious:mojolicious:7.33
Mojolicious » Mojolicious » Version: 7.34

cpe:2.3:a:mojolicious:mojolicious:7.34
Mojolicious » Mojolicious » Version: 7.35

cpe:2.3:a:mojolicious:mojolicious:7.35
Mojolicious » Mojolicious » Version: 7.36

cpe:2.3:a:mojolicious:mojolicious:7.36
Mojolicious » Mojolicious » Version: 7.37

cpe:2.3:a:mojolicious:mojolicious:7.37
Mojolicious » Mojolicious » Version: 7.38

cpe:2.3:a:mojolicious:mojolicious:7.38
Mojolicious » Mojolicious » Version: 7.39

cpe:2.3:a:mojolicious:mojolicious:7.39
Mojolicious » Mojolicious » Version: 7.40

cpe:2.3:a:mojolicious:mojolicious:7.40
Mojolicious » Mojolicious » Version: 7.41

cpe:2.3:a:mojolicious:mojolicious:7.41
Mojolicious » Mojolicious » Version: 7.42

cpe:2.3:a:mojolicious:mojolicious:7.42
Mojolicious » Mojolicious » Version: 7.43

cpe:2.3:a:mojolicious:mojolicious:7.43
Mojolicious » Mojolicious » Version: 7.44

cpe:2.3:a:mojolicious:mojolicious:7.44
Mojolicious » Mojolicious » Version: 7.45

cpe:2.3:a:mojolicious:mojolicious:7.45
Mojolicious » Mojolicious » Version: 7.46

cpe:2.3:a:mojolicious:mojolicious:7.46
Mojolicious » Mojolicious » Version: 7.47

cpe:2.3:a:mojolicious:mojolicious:7.47
Mojolicious » Mojolicious » Version: 7.48

cpe:2.3:a:mojolicious:mojolicious:7.48
Mojolicious » Mojolicious » Version: 7.49

cpe:2.3:a:mojolicious:mojolicious:7.49
Mojolicious » Mojolicious » Version: 7.50

cpe:2.3:a:mojolicious:mojolicious:7.50
Mojolicious » Mojolicious » Version: 7.51

cpe:2.3:a:mojolicious:mojolicious:7.51
Mojolicious » Mojolicious » Version: 7.52

cpe:2.3:a:mojolicious:mojolicious:7.52
Mojolicious » Mojolicious » Version: 7.53

cpe:2.3:a:mojolicious:mojolicious:7.53
Mojolicious » Mojolicious » Version: 7.54

cpe:2.3:a:mojolicious:mojolicious:7.54
Mojolicious » Mojolicious » Version: 7.55

cpe:2.3:a:mojolicious:mojolicious:7.55
Mojolicious » Mojolicious » Version: 7.56

cpe:2.3:a:mojolicious:mojolicious:7.56
Mojolicious » Mojolicious » Version: 7.57

cpe:2.3:a:mojolicious:mojolicious:7.57
Mojolicious » Mojolicious » Version: 7.58

cpe:2.3:a:mojolicious:mojolicious:7.58
Mojolicious » Mojolicious » Version: 7.59

cpe:2.3:a:mojolicious:mojolicious:7.59
Mojolicious » Mojolicious » Version: 7.60

cpe:2.3:a:mojolicious:mojolicious:7.60
Mojolicious » Mojolicious » Version: 7.61

cpe:2.3:a:mojolicious:mojolicious:7.61
Mojolicious » Mojolicious » Version: 7.62

cpe:2.3:a:mojolicious:mojolicious:7.62
Mojolicious » Mojolicious » Version: 7.63

cpe:2.3:a:mojolicious:mojolicious:7.63
Mojolicious » Mojolicious » Version: 7.64

cpe:2.3:a:mojolicious:mojolicious:7.64
Mojolicious » Mojolicious » Version: 7.65

cpe:2.3:a:mojolicious:mojolicious:7.65
Mojolicious » Mojolicious » Version: 7.66

cpe:2.3:a:mojolicious:mojolicious:7.66
Mojolicious » Mojolicious » Version: 7.67

cpe:2.3:a:mojolicious:mojolicious:7.67
Mojolicious » Mojolicious » Version: 7.68

cpe:2.3:a:mojolicious:mojolicious:7.68
Mojolicious » Mojolicious » Version: 7.69

cpe:2.3:a:mojolicious:mojolicious:7.69
Mojolicious » Mojolicious » Version: 7.70

cpe:2.3:a:mojolicious:mojolicious:7.70
Mojolicious » Mojolicious » Version: 7.71

cpe:2.3:a:mojolicious:mojolicious:7.71
Mojolicious » Mojolicious » Version: 7.72

cpe:2.3:a:mojolicious:mojolicious:7.72
Mojolicious » Mojolicious » Version: 7.73

cpe:2.3:a:mojolicious:mojolicious:7.73
Mojolicious » Mojolicious » Version: 7.74

cpe:2.3:a:mojolicious:mojolicious:7.74
Mojolicious » Mojolicious » Version: 7.75

cpe:2.3:a:mojolicious:mojolicious:7.75
Mojolicious » Mojolicious » Version: 7.76

cpe:2.3:a:mojolicious:mojolicious:7.76
Mojolicious » Mojolicious » Version: 7.77

cpe:2.3:a:mojolicious:mojolicious:7.77
Mojolicious » Mojolicious » Version: 7.78

cpe:2.3:a:mojolicious:mojolicious:7.78
Mojolicious » Mojolicious » Version: 7.79

cpe:2.3:a:mojolicious:mojolicious:7.79
Mojolicious » Mojolicious » Version: 7.80

cpe:2.3:a:mojolicious:mojolicious:7.80
Mojolicious » Mojolicious » Version: 7.81

cpe:2.3:a:mojolicious:mojolicious:7.81
Mojolicious » Mojolicious » Version: 7.82

cpe:2.3:a:mojolicious:mojolicious:7.82
Mojolicious » Mojolicious » Version: 7.83

cpe:2.3:a:mojolicious:mojolicious:7.83
Mojolicious » Mojolicious » Version: 7.84

cpe:2.3:a:mojolicious:mojolicious:7.84
Mojolicious » Mojolicious » Version: 7.85

cpe:2.3:a:mojolicious:mojolicious:7.85
Mojolicious » Mojolicious » Version: 7.86

cpe:2.3:a:mojolicious:mojolicious:7.86
Mojolicious » Mojolicious » Version: 7.87

cpe:2.3:a:mojolicious:mojolicious:7.87
Mojolicious » Mojolicious » Version: 7.88

cpe:2.3:a:mojolicious:mojolicious:7.88
Mojolicious » Mojolicious » Version: 7.89

cpe:2.3:a:mojolicious:mojolicious:7.89
Mojolicious » Mojolicious » Version: 7.90

cpe:2.3:a:mojolicious:mojolicious:7.90
Mojolicious » Mojolicious » Version: 7.91

cpe:2.3:a:mojolicious:mojolicious:7.91
Mojolicious » Mojolicious » Version: 7.92

cpe:2.3:a:mojolicious:mojolicious:7.92
Mojolicious » Mojolicious » Version: 7.93

cpe:2.3:a:mojolicious:mojolicious:7.93
Mojolicious » Mojolicious » Version: 7.94

cpe:2.3:a:mojolicious:mojolicious:7.94
Mojolicious » Mojolicious » Version: 8.0

cpe:2.3:a:mojolicious:mojolicious:8.0
Mojolicious » Mojolicious » Version: 8.01

cpe:2.3:a:mojolicious:mojolicious:8.01
Mojolicious » Mojolicious » Version: 8.02

cpe:2.3:a:mojolicious:mojolicious:8.02
Mojolicious » Mojolicious » Version: 8.03

cpe:2.3:a:mojolicious:mojolicious:8.03
Mojolicious » Mojolicious » Version: 8.04

cpe:2.3:a:mojolicious:mojolicious:8.04
Mojolicious » Mojolicious » Version: 8.05

cpe:2.3:a:mojolicious:mojolicious:8.05
Mojolicious » Mojolicious » Version: 8.06

cpe:2.3:a:mojolicious:mojolicious:8.06
Mojolicious » Mojolicious » Version: 8.07

cpe:2.3:a:mojolicious:mojolicious:8.07
Mojolicious » Mojolicious » Version: 8.08

cpe:2.3:a:mojolicious:mojolicious:8.08
Mojolicious » Mojolicious » Version: 8.09

cpe:2.3:a:mojolicious:mojolicious:8.09
Mojolicious » Mojolicious » Version: 8.10

cpe:2.3:a:mojolicious:mojolicious:8.10
Mojolicious » Mojolicious » Version: 8.11

cpe:2.3:a:mojolicious:mojolicious:8.11
Mojolicious » Mojolicious » Version: 8.12

cpe:2.3:a:mojolicious:mojolicious:8.12
Mojolicious » Mojolicious » Version: 8.13

cpe:2.3:a:mojolicious:mojolicious:8.13
Mojolicious » Mojolicious » Version: 8.14

cpe:2.3:a:mojolicious:mojolicious:8.14
Mojolicious » Mojolicious » Version: 8.15

cpe:2.3:a:mojolicious:mojolicious:8.15
Mojolicious » Mojolicious » Version: 8.16

cpe:2.3:a:mojolicious:mojolicious:8.16
Mojolicious » Mojolicious » Version: 8.17

cpe:2.3:a:mojolicious:mojolicious:8.17
Mojolicious » Mojolicious » Version: 8.18

cpe:2.3:a:mojolicious:mojolicious:8.18
Mojolicious » Mojolicious » Version: 8.19

cpe:2.3:a:mojolicious:mojolicious:8.19
Mojolicious » Mojolicious » Version: 8.20

cpe:2.3:a:mojolicious:mojolicious:8.20
Mojolicious » Mojolicious » Version: 8.21

cpe:2.3:a:mojolicious:mojolicious:8.21
Mojolicious » Mojolicious » Version: 8.22

cpe:2.3:a:mojolicious:mojolicious:8.22
Mojolicious » Mojolicious » Version: 8.23

cpe:2.3:a:mojolicious:mojolicious:8.23
Mojolicious » Mojolicious » Version: 8.24

cpe:2.3:a:mojolicious:mojolicious:8.24
Mojolicious » Mojolicious » Version: 8.25

cpe:2.3:a:mojolicious:mojolicious:8.25
Mojolicious » Mojolicious » Version: 8.26

cpe:2.3:a:mojolicious:mojolicious:8.26
Mojolicious » Mojolicious » Version: 8.27

cpe:2.3:a:mojolicious:mojolicious:8.27
Mojolicious » Mojolicious » Version: 8.28

cpe:2.3:a:mojolicious:mojolicious:8.28
Mojolicious » Mojolicious » Version: 8.29

cpe:2.3:a:mojolicious:mojolicious:8.29
Mojolicious » Mojolicious » Version: 8.30

cpe:2.3:a:mojolicious:mojolicious:8.30
Mojolicious » Mojolicious » Version: 8.31

cpe:2.3:a:mojolicious:mojolicious:8.31
Mojolicious » Mojolicious » Version: 8.32

cpe:2.3:a:mojolicious:mojolicious:8.32
Mojolicious » Mojolicious » Version: 8.33

cpe:2.3:a:mojolicious:mojolicious:8.33
Mojolicious » Mojolicious » Version: 8.35

cpe:2.3:a:mojolicious:mojolicious:8.35
Mojolicious » Mojolicious » Version: 8.36

cpe:2.3:a:mojolicious:mojolicious:8.36
Mojolicious » Mojolicious » Version: 8.37

cpe:2.3:a:mojolicious:mojolicious:8.37
Mojolicious » Mojolicious » Version: 8.38

cpe:2.3:a:mojolicious:mojolicious:8.38
Mojolicious » Mojolicious » Version: 8.39

cpe:2.3:a:mojolicious:mojolicious:8.39
Mojolicious » Mojolicious » Version: 8.40

cpe:2.3:a:mojolicious:mojolicious:8.40
Mojolicious » Mojolicious » Version: 8.41

cpe:2.3:a:mojolicious:mojolicious:8.41
Mojolicious » Mojolicious » Version: 8.42

cpe:2.3:a:mojolicious:mojolicious:8.42
Mojolicious » Mojolicious » Version: 8.50

cpe:2.3:a:mojolicious:mojolicious:8.50
Mojolicious » Mojolicious » Version: 8.51

cpe:2.3:a:mojolicious:mojolicious:8.51
Mojolicious » Mojolicious » Version: 8.52

cpe:2.3:a:mojolicious:mojolicious:8.52
Mojolicious » Mojolicious » Version: 8.53

cpe:2.3:a:mojolicious:mojolicious:8.53
Mojolicious » Mojolicious » Version: 8.54

cpe:2.3:a:mojolicious:mojolicious:8.54
Mojolicious » Mojolicious » Version: 8.55

cpe:2.3:a:mojolicious:mojolicious:8.55
Mojolicious » Mojolicious » Version: 8.56

cpe:2.3:a:mojolicious:mojolicious:8.56
Mojolicious » Mojolicious » Version: 8.57

cpe:2.3:a:mojolicious:mojolicious:8.57
Mojolicious » Mojolicious » Version: 8.58

cpe:2.3:a:mojolicious:mojolicious:8.58
Mojolicious » Mojolicious » Version: 8.59

cpe:2.3:a:mojolicious:mojolicious:8.59
Mojolicious » Mojolicious » Version: 8.60

cpe:2.3:a:mojolicious:mojolicious:8.60
Mojolicious » Mojolicious » Version: 8.61

cpe:2.3:a:mojolicious:mojolicious:8.61
Mojolicious » Mojolicious » Version: 8.62

cpe:2.3:a:mojolicious:mojolicious:8.62
Mojolicious » Mojolicious » Version: 8.63

cpe:2.3:a:mojolicious:mojolicious:8.63
Mojolicious » Mojolicious » Version: 8.64

cpe:2.3:a:mojolicious:mojolicious:8.64
Mojolicious » Mojolicious » Version: 8.65

cpe:2.3:a:mojolicious:mojolicious:8.65
Mojolicious » Mojolicious » Version: 8.66

cpe:2.3:a:mojolicious:mojolicious:8.66
Mojolicious » Mojolicious » Version: 8.67

cpe:2.3:a:mojolicious:mojolicious:8.67
Mojolicious » Mojolicious » Version: 8.68

cpe:2.3:a:mojolicious:mojolicious:8.68
Mojolicious » Mojolicious » Version: 8.69

cpe:2.3:a:mojolicious:mojolicious:8.69
Mojolicious » Mojolicious » Version: 8.70

cpe:2.3:a:mojolicious:mojolicious:8.70
Mojolicious » Mojolicious » Version: 8.71

cpe:2.3:a:mojolicious:mojolicious:8.71
Mojolicious » Mojolicious » Version: 8.72

cpe:2.3:a:mojolicious:mojolicious:8.72
Mojolicious » Mojolicious » Version: 8.73

cpe:2.3:a:mojolicious:mojolicious:8.73
Mojolicious » Mojolicious » Version: 9.0

cpe:2.3:a:mojolicious:mojolicious:9.0
Mojolicious » Mojolicious » Version: 9.01

cpe:2.3:a:mojolicious:mojolicious:9.01
Mojolicious » Mojolicious » Version: 9.02

cpe:2.3:a:mojolicious:mojolicious:9.02
Mojolicious » Mojolicious » Version: 9.03

cpe:2.3:a:mojolicious:mojolicious:9.03
Mojolicious » Mojolicious » Version: 9.07

cpe:2.3:a:mojolicious:mojolicious:9.07
Mojolicious » Mojolicious » Version: 9.08

cpe:2.3:a:mojolicious:mojolicious:9.08
Mojolicious » Mojolicious » Version: 9.09

cpe:2.3:a:mojolicious:mojolicious:9.09
Mojolicious » Mojolicious » Version: 9.10

cpe:2.3:a:mojolicious:mojolicious:9.10
Mojolicious » Mojolicious » Version: 9.11

cpe:2.3:a:mojolicious:mojolicious:9.11
Mojolicious » Mojolicious » Version: 9.12

cpe:2.3:a:mojolicious:mojolicious:9.12
Mojolicious » Mojolicious » Version: 9.13

cpe:2.3:a:mojolicious:mojolicious:9.13
Mojolicious » Mojolicious » Version: 9.14

cpe:2.3:a:mojolicious:mojolicious:9.14
Mojolicious » Mojolicious » Version: 9.15

cpe:2.3:a:mojolicious:mojolicious:9.15
Mojolicious » Mojolicious » Version: 9.16

cpe:2.3:a:mojolicious:mojolicious:9.16
Mojolicious » Mojolicious » Version: 9.17

cpe:2.3:a:mojolicious:mojolicious:9.17
Mojolicious » Mojolicious » Version: 9.18

cpe:2.3:a:mojolicious:mojolicious:9.18
Mojolicious » Mojolicious » Version: 9.19

cpe:2.3:a:mojolicious:mojolicious:9.19
Mojolicious » Mojolicious » Version: 9.20

cpe:2.3:a:mojolicious:mojolicious:9.20
Mojolicious » Mojolicious » Version: 9.21

cpe:2.3:a:mojolicious:mojolicious:9.21
Mojolicious » Mojolicious » Version: 9.22

cpe:2.3:a:mojolicious:mojolicious:9.22
Mojolicious » Mojolicious » Version: 9.23

cpe:2.3:a:mojolicious:mojolicious:9.23
Mojolicious » Mojolicious » Version: 9.24

cpe:2.3:a:mojolicious:mojolicious:9.24
Mojolicious » Mojolicious » Version: 9.25

cpe:2.3:a:mojolicious:mojolicious:9.25
Mojolicious » Mojolicious » Version: 9.26

cpe:2.3:a:mojolicious:mojolicious:9.26
Mojolicious » Mojolicious » Version: 9.27

cpe:2.3:a:mojolicious:mojolicious:9.27
Mojolicious » Mojolicious » Version: 9.28

cpe:2.3:a:mojolicious:mojolicious:9.28
Mojolicious » Mojolicious » Version: 9.29

cpe:2.3:a:mojolicious:mojolicious:9.29
Mojolicious » Mojolicious » Version: 9.30

cpe:2.3:a:mojolicious:mojolicious:9.30
Mojolicious » Mojolicious » Version: 9.31

cpe:2.3:a:mojolicious:mojolicious:9.31
Mojolicious » Mojolicious » Version: 9.32

cpe:2.3:a:mojolicious:mojolicious:9.32
Mojolicious » Mojolicious » Version: 9.33

cpe:2.3:a:mojolicious:mojolicious:9.33
Mojolicious » Mojolicious » Version: 9.34

cpe:2.3:a:mojolicious:mojolicious:9.34
Mojolicious » Mojolicious » Version: 9.35

cpe:2.3:a:mojolicious:mojolicious:9.35
Mojolicious » Mojolicious » Version: 9.36

cpe:2.3:a:mojolicious:mojolicious:9.36
Mojolicious » Mojolicious » Version: 9.37

cpe:2.3:a:mojolicious:mojolicious:9.37
Mojolicious » Mojolicious » Version: 9.38

cpe:2.3:a:mojolicious:mojolicious:9.38
Mojolicious » Mojolicious » Version: 9.39

cpe:2.3:a:mojolicious:mojolicious:9.39
Mojolicious » Mojolicious » Version: 9.40

cpe:2.3:a:mojolicious:mojolicious:9.40

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-58135

Products

Pricing

Contact Us