QwikSec

Security Database

CVE

CWE

Training

CVE-2014-125112

Published: Mar 26, 2026

Modified: Mar 26, 2026

PUBLISHED

Description

Plack::Middleware::Session::Cookie versions through 0.21 for Perl allows remote code execution. Plack::Middleware::Session::Cookie versions through 0.21 has a security vulnerability where it allows an attacker to execute arbitrary code on the server during deserialization of the cookie data, when there is no secret used to sign the cookie.

Vendor	Product	Versions
MIYAGAWA	Plack::Middleware::Session::Cookie	affected `0 - <= 0.21`

Weaknesses (CWE)

References

https://gist.github.com/miyagawa/2b8764af908a0dacd43d

technical-description

https://metacpan.org/release/MIYAGAWA/Plack-Middleware-Session-0.23-TRIAL/changes

release-notes

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.