{"api_version":"1","generated_at":"2026-06-24T16:34:09+00:00","cve":"CVE-2024-58135","urls":{"html":"https://cve.report/CVE-2024-58135","api":"https://cve.report/api/cve/CVE-2024-58135.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2024-58135","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2024-58135"},"summary":{"title":"Mojolicious versions from 7.28 through 9.45 for Perl will generate weak HMAC session cookie secrets via \"mojo generate app\" by default","description":"Mojolicious versions from 7.28 through 9.45 for Perl will generate weak HMAC session cookie secrets via \"mojo generate app\" by default.\n\nWhen creating a default app skeleton with the \"mojo generate app\" tool, a weak secret is written to the application's configuration file using the insecure rand() function, and used for authenticating and protecting the integrity of the application's sessions. This may allow an attacker to brute force the application's session keys.\n\nRelease 9.46 fixes the issue by providing high quality randomness, even in absence of CryptX.\n\nUsers should be aware that the update does not replace previously generated weak secrets.  A secret generated with the previous version MUST be replaced to ensure the updated version is using a strong secret.","state":"PUBLISHED","assigner":"CPANSec","published_at":"2025-05-03 11:15:48","updated_at":"2026-06-05 14:16:31"},"problem_types":["CWE-338","CWE-338 CWE-338 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)"],"metrics":[{"version":"3.1","source":"ADP","type":"DECLARED","score":"5.3","severity":"MEDIUM","vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","data":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"NONE","baseScore":5.3,"baseSeverity":"MEDIUM","confidentialityImpact":"LOW","integrityImpact":"NONE","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","version":"3.1"}},{"version":"3.1","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","score":"5.3","severity":"MEDIUM","vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","data":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"}}],"references":[{"url":"https://lists.debian.org/debian-perl/2025/05/msg00016.html","name":"https://lists.debian.org/debian-perl/2025/05/msg00016.html","refsource":"9b29abf9-4ab0-4765-b253-1875cd9b441e","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://metacpan.org/release/SRI/Mojolicious-9.38/source/lib/Mojolicious/Command/Author/generate/app.pm#L202","name":"https://metacpan.org/release/SRI/Mojolicious-9.38/source/lib/Mojolicious/Command/Author/generate/app.pm#L202","refsource":"9b29abf9-4ab0-4765-b253-1875cd9b441e","tags":["Product"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://perldoc.perl.org/functions/rand","name":"https://perldoc.perl.org/functions/rand","refsource":"9b29abf9-4ab0-4765-b253-1875cd9b441e","tags":["Product"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://metacpan.org/release/SRI/Mojolicious-9.46/source/Changes","name":"https://metacpan.org/release/SRI/Mojolicious-9.46/source/Changes","refsource":"9b29abf9-4ab0-4765-b253-1875cd9b441e","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://github.com/hashcat/hashcat/pull/4090","name":"https://github.com/hashcat/hashcat/pull/4090","refsource":"9b29abf9-4ab0-4765-b253-1875cd9b441e","tags":["Issue Tracking","Patch"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://metacpan.org/release/SRI/Mojolicious-9.39/source/lib/Mojo/Util.pm#L181","name":"https://metacpan.org/release/SRI/Mojolicious-9.39/source/lib/Mojo/Util.pm#L181","refsource":"9b29abf9-4ab0-4765-b253-1875cd9b441e","tags":["Product"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://lists.debian.org/debian-perl/2025/05/msg00017.html","name":"https://lists.debian.org/debian-perl/2025/05/msg00017.html","refsource":"9b29abf9-4ab0-4765-b253-1875cd9b441e","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://github.com/mojolicious/mojo/commit/fb3733f92cc8a3344e6d615b3c7dac9d538eeab0.patch","name":"https://github.com/mojolicious/mojo/commit/fb3733f92cc8a3344e6d615b3c7dac9d538eeab0.patch","refsource":"9b29abf9-4ab0-4765-b253-1875cd9b441e","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://lists.debian.org/debian-perl/2025/05/msg00018.html","name":"https://lists.debian.org/debian-perl/2025/05/msg00018.html","refsource":"9b29abf9-4ab0-4765-b253-1875cd9b441e","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://security.metacpan.org/docs/guides/random-data-for-security.html","name":"https://security.metacpan.org/docs/guides/random-data-for-security.html","refsource":"9b29abf9-4ab0-4765-b253-1875cd9b441e","tags":["Technical Description"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://github.com/mojolicious/mojo/commit/789cfa43f9118852b38cbd1fd0a2596bcb9821ea.patch","name":"https://github.com/mojolicious/mojo/commit/789cfa43f9118852b38cbd1fd0a2596bcb9821ea.patch","refsource":"9b29abf9-4ab0-4765-b253-1875cd9b441e","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://github.com/mojolicious/mojo/pull/2200","name":"https://github.com/mojolicious/mojo/pull/2200","refsource":"9b29abf9-4ab0-4765-b253-1875cd9b441e","tags":["Exploit","Issue Tracking","Patch"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://metacpan.org/release/SRI/Mojolicious-7.28/source/lib/Mojolicious/Command/generate/app.pm#L220","name":"https://metacpan.org/release/SRI/Mojolicious-7.28/source/lib/Mojolicious/Command/generate/app.pm#L220","refsource":"9b29abf9-4ab0-4765-b253-1875cd9b441e","tags":["Product"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2024-58135","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-58135","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"SRI","product":"Mojolicious","version":"affected 7.28 9.45 custom","platforms":[]}],"timeline":[],"solutions":[{"source":"CNA","title":"","value":"Upgrade to version 9.46 and replace previously generated secrets.","time":"","lang":"en"}],"workarounds":[{"source":"CNA","title":"","value":"Ensure that your secret, stored in the application's configuration file, is at least 128 bit of cryptographically secure random data. For example, to generate a 256 bit secret, one could use the output generated by the \"openssl rand -base64 32\" command.","time":"","lang":"en"},{"source":"CNA","title":"","value":"As of version 9.39 of Mojolicious, if the optional CryptX distribution version 0.080 or later is available in the include path before calling the \"mojo generate app\" tool, then a secure 1024 bit long secret will be generated.","time":"","lang":"en"}],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2024","cve_id":"58135","vulnerable":"1","versionEndIncluding":"9.40","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"mojolicious","cpe5":"mojolicious","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"perl","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":{"cve_year":"2024","cve_id":"58135","cve":"CVE-2024-58135","epss":"0.006810000","percentile":"0.720880000","score_date":"2026-06-10","updated_at":"2026-06-11 00:06:43"},"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"metrics":[{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"NONE","baseScore":5.3,"baseSeverity":"MEDIUM","confidentialityImpact":"LOW","integrityImpact":"NONE","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","version":"3.1"}},{"other":{"content":{"id":"CVE-2024-58135","options":[{"Exploitation":"poc"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","timestamp":"2025-05-05T17:58:51.652027Z","version":"2.0.3"},"type":"ssvc"}}],"problemTypes":[{"descriptions":[{"cweId":"CWE-338","description":"CWE-338 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2025-05-07T19:06:35.967Z","orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP"},"title":"CISA ADP Vulnrichment"}],"cna":{"affected":[{"collectionURL":"https://cpan.org/modules","defaultStatus":"unaffected","packageName":"Mojolicious","product":"Mojolicious","programFiles":["lib/Mojolicious/Command/Author/generate/app.pm","lib/Mojo/Util.pm","lib/Mojolicious/Command/generate/app.pm"],"programRoutines":[{"name":"Mojolicious::Command::Author::generate::app::run()"},{"name":"Mojo::Util::generate_secret()"}],"repo":"https://github.com/mojolicious/mojo","vendor":"SRI","versions":[{"lessThanOrEqual":"9.45","status":"affected","version":"7.28","versionType":"custom"}]}],"descriptions":[{"lang":"en","value":"Mojolicious versions from 7.28 through 9.45 for Perl will generate weak HMAC session cookie secrets via \"mojo generate app\" by default.\n\nWhen creating a default app skeleton with the \"mojo generate app\" tool, a weak secret is written to the application's configuration file using the insecure rand() function, and used for authenticating and protecting the integrity of the application's sessions. This may allow an attacker to brute force the application's session keys.\n\nRelease 9.46 fixes the issue by providing high quality randomness, even in absence of CryptX.\n\nUsers should be aware that the update does not replace previously generated weak secrets.  A secret generated with the previous version MUST be replaced to ensure the updated version is using a strong secret."}],"problemTypes":[{"descriptions":[{"cweId":"CWE-338","description":"CWE-338 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2026-06-05T12:37:53.344Z","orgId":"9b29abf9-4ab0-4765-b253-1875cd9b441e","shortName":"CPANSec"},"references":[{"tags":["related"],"url":"https://perldoc.perl.org/functions/rand"},{"tags":["related"],"url":"https://metacpan.org/release/SRI/Mojolicious-9.39/source/lib/Mojo/Util.pm#L181"},{"tags":["related"],"url":"https://metacpan.org/release/SRI/Mojolicious-9.38/source/lib/Mojolicious/Command/Author/generate/app.pm#L202"},{"tags":["issue-tracking"],"url":"https://github.com/mojolicious/mojo/pull/2200"},{"tags":["related"],"url":"https://metacpan.org/release/SRI/Mojolicious-7.28/source/lib/Mojolicious/Command/generate/app.pm#L220"},{"tags":["technical-description"],"url":"https://security.metacpan.org/docs/guides/random-data-for-security.html"},{"tags":["exploit"],"url":"https://github.com/hashcat/hashcat/pull/4090"},{"tags":["mailing-list"],"url":"https://lists.debian.org/debian-perl/2025/05/msg00016.html"},{"tags":["mailing-list"],"url":"https://lists.debian.org/debian-perl/2025/05/msg00017.html"},{"tags":["mailing-list"],"url":"https://lists.debian.org/debian-perl/2025/05/msg00018.html"},{"tags":["release-notes"],"url":"https://metacpan.org/release/SRI/Mojolicious-9.46/source/Changes"},{"tags":["patch"],"url":"https://github.com/mojolicious/mojo/commit/fb3733f92cc8a3344e6d615b3c7dac9d538eeab0.patch"},{"tags":["patch"],"url":"https://github.com/mojolicious/mojo/commit/789cfa43f9118852b38cbd1fd0a2596bcb9821ea.patch"}],"solutions":[{"lang":"en","value":"Upgrade to version 9.46 and replace previously generated secrets."}],"source":{"discovery":"UNKNOWN"},"title":"Mojolicious versions from 7.28 through 9.45 for Perl will generate weak HMAC session cookie secrets via \"mojo generate app\" by default","workarounds":[{"lang":"en","value":"Ensure that your secret, stored in the application's configuration file, is at least 128 bit of cryptographically secure random data. For example, to generate a 256 bit secret, one could use the output generated by the \"openssl rand -base64 32\" command."},{"lang":"en","value":"As of version 9.39 of Mojolicious, if the optional CryptX distribution version 0.080 or later is available in the include path before calling the \"mojo generate app\" tool, then a secure 1024 bit long secret will be generated."}],"x_generator":{"engine":"cpansec-cna-tool 0.1"}}},"cveMetadata":{"assignerOrgId":"9b29abf9-4ab0-4765-b253-1875cd9b441e","assignerShortName":"CPANSec","cveId":"CVE-2024-58135","datePublished":"2025-05-03T10:16:10.636Z","dateReserved":"2025-04-07T16:06:37.226Z","dateUpdated":"2026-06-05T12:37:53.344Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.2"},"nvd":{"publishedDate":"2025-05-03 11:15:48","lastModifiedDate":"2026-06-05 14:16:31","problem_types":["CWE-338","CWE-338 CWE-338 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)"],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mojolicious:mojolicious:*:*:*:*:*:perl:*:*","versionStartIncluding":"7.28","versionEndIncluding":"9.40","matchCriteriaId":"18CB7F71-95D5-44DC-BD63-01394CC408B4"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2024","CveId":"58135","Ordinal":"1","Title":"Mojolicious versions from 7.28 through 9.45 for Perl will genera","CVE":"CVE-2024-58135","Year":"2024"},"notes":[{"CveYear":"2024","CveId":"58135","Ordinal":"1","NoteData":"Mojolicious versions from 7.28 through 9.45 for Perl will generate weak HMAC session cookie secrets via \"mojo generate app\" by default.\n\nWhen creating a default app skeleton with the \"mojo generate app\" tool, a weak secret is written to the application's configuration file using the insecure rand() function, and used for authenticating and protecting the integrity of the application's sessions. This may allow an attacker to brute force the application's session keys.\n\nRelease 9.46 fixes the issue by providing high quality randomness, even in absence of CryptX.\n\nUsers should be aware that the update does not replace previously generated weak secrets.  A secret generated with the previous version MUST be replaced to ensure the updated version is using a strong secret.","Type":"Description","Title":"Mojolicious versions from 7.28 through 9.45 for Perl will genera"}]}}}