Thread Index - May 2025 - CPANSec CVE announcements

CVE-2024-58135: Mojolicious versions from 7.28 through 9.39 for Perl may generate weak HMAC session secrets Breno Oliveira (03 May 2025 10:16 UTC)
CVE-2024-58134: Mojolicious versions from 0.999922 through 9.39 for Perl uses a hard coded string, or the application's class name, as a HMAC session secret by default Breno Oliveira (03 May 2025 16:13 UTC)