CVE-2025-40924
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2025-40924
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-40924.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2025-40924
- Downstream
- Published
- 2025-07-17T14:15:31Z
- Modified
- 2025-08-17T10:52:50.533824Z
- Summary
- [none]
- Details
-
Catalyst::Plugin::Session before version 0.44 for Perl generates session ids insecurely.
The session id is generated from a (usually SHA-1) hash of a simple counter, the epoch time, the built-in rand function, the PID and the current Catalyst context. This information is of low entropy. The PID will come from a small set of numbers, and the epoch time may be guessed, if it is not leaked from the HTTP Date header. The built-in rand function is unsuitable for cryptographic usage.
Predicable session ids could allow an attacker to gain access to systems.
- References
-
- https://github.com/perl-catalyst/Catalyst-Plugin-Session/commit/c0e2b4ab1e42ebce1008286db8c571b6ee98c22c.patch
- https://github.com/perl-catalyst/Catalyst-Plugin-Session/pull/5
- https://metacpan.org/release/HAARG/Catalyst-Plugin-Session-0.43/source/lib/Catalyst/Plugin/Session.pm#L632
- https://security-tracker.debian.org/tracker/CVE-2025-40924
Affected packages
Debian:11 / libcatalyst-plugin-session-perl
Package
- Name
- libcatalyst-plugin-session-perl
- Purl
- pkg:deb/debian/libcatalyst-plugin-session-perl?arch=source
Debian:12 / libcatalyst-plugin-session-perl
Package
- Name
- libcatalyst-plugin-session-perl
- Purl
- pkg:deb/debian/libcatalyst-plugin-session-perl?arch=source
Debian:13 / libcatalyst-plugin-session-perl
Package
- Name
- libcatalyst-plugin-session-perl
- Purl
- pkg:deb/debian/libcatalyst-plugin-session-perl?arch=source
Debian:14 / libcatalyst-plugin-session-perl
Package
- Name
- libcatalyst-plugin-session-perl
- Purl
- pkg:deb/debian/libcatalyst-plugin-session-perl?arch=source