Search Vulnerabilities

Apache::API::Password versions through v0.5.2 for Perl can generate insecure random values for salts

Solstice::Session versions through 1440 for Perl generates session ids insecurely

Ado::Sessions versions through 0.935 for Perl generates insecure session ids

Amon2::Plugin::Web::CSRFDefender versions from 7.00 through 7.03 for Perl generate an insecure session id

Cloudreve is vulnerable to Account Takeover via Weak Cryptographic Token Generation (Insecure PRNG Seeding)

PAGI::Middleware::Session::Store::Cookie versions through 0.001003 for Perl generates random bytes insecurely

Business::OnlinePayment::StoredTransaction versions through 0.01 for Perl uses an insecure secret key

HTTP::Session versions through 0.53 for Perl defaults to using insecurely generated session ids

Amon2 versions before 6.17 for Perl use an insecure random_string implementation for security functions

Net::NSCA::Client versions through 0.009002 for Perl uses a poor random number generator

Apache::Session::Generate::MD5 versions through 1.94 for Perl create insecure session id

Plack::Middleware::Session::Simple versions before 0.05 for Perl generates session ids insecurely

HTTP::Session2 versions before 1.12 for Perl may generate weak session ids using the rand() function

Apache::SessionX versions through 2.01 for Perl create insecure session id

Smolder versions through 1.51 for Perl uses insecure rand() function for cryptographic functions

Concierge::Sessions versions from 0.8.1 before 0.8.5 for Perl generate insecure session ids

Maypole versions from 2.10 through 2.13 for Perl generates session ids insecurely

WWW::OAuth 1.000 and earlier for Perl uses insecure rand() function for cryptographic functions

Fiber insecurely fallsback in utils.UUIDv4() / utils.UUID() — predictable / zero‑UUID on crypto/rand failure

Coturn has unsafe nonce and relay port randomization due to weak random number generation.