Sri Mojolicious

3 CVEs affecting Sri Mojolicious. Latest disclosed: 2026-07-14. Critical: 0, High: 1.

Top CVEs affecting Sri Mojolicious
CVESeverityScorePublishedSummary
CVE-2024-58134High8.12025-05-03Mojolicious versions from 0.999922 for Perl uses a hard coded string, or the application's class name, as an HMAC session cookie secret by default. These pred…
CVE-2024-58135Medium5.32025-05-03Mojolicious versions from 7.28 through 9.45 for Perl will generate weak HMAC session cookie secrets via "mojo generate app" by default. When creating a defaul…
CVE-2026-157472026-07-14Mojolicious versions from 4.59 before 9.48 for Perl expose a stable representation of the session CSRF token to a BREACH compression oracle. _csrf_token gener…