Mojolicious-Plugin-SessionStore CVE-2025-40923
Severity by source: CRITICAL
CVSS vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Rating rationale: Network-reachable session endpoints (AV:N) but prediction of the SHA-1 seed requires enumeration of PID and timing (AC:H); no attacker authentication needed (PR:N); successful session hijacking yields full access to victim session data (C:H) and limited integrity impact via impersonation (I:L).
Primary rating from SUSE.
CVSS vector (NVD): CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Analysis (AI-generated)
Session ID generation in Mojolicious::Sessions::Storable through version 0.05 relies on predictable, low-entropy inputs - a SHA-1 hash seeded with Perl's built-in rand(), epoch time, a heap memory address, and the server PID - making session identifiers guessable by a network attacker. Successful exploitation enables session hijacking, allowing an attacker to impersonate authenticated users without possessing their credentials. No public exploit code has been identified and the vulnerability is not listed in CISA KEV, but the flaw is structurally significant on low-traffic, single-worker deployments where PID and timing entropy are minimal.
Technical Context (AI-generated)
Mojolicious::Sessions::Storable is a CPAN Perl module providing server-side session storage for the Mojolicious web framework, distributed as Mojolicious-Plugin-SessionStore. The default session ID generator, defined at lines 11-15 of lib/Mojolicious/Sessions/Storable.pm, constructs a SHA-1 digest from four inputs: Perl's built-in rand() (a non-cryptographic PRNG), the current Unix epoch time (observable via HTTP response headers), the heap address of an anonymous hash reference (potentially stable or inferrable), and the server process PID (a small, often predictable integer). SHA-1 is a deterministic transform - it does not amplify entropy beyond what its inputs provide. The root causes are CWE-338 (Use of Cryptographically Weak Pseudo-Random Number Generator) and CWE-340 (Generation of Predictable Numbers or Identifiers). The upstream fix requires Mojolicious 9.46 or later, which presumably exposes a cryptographically secure random source unavailable in earlier framework versions.
Affected Products (AI-generated)
Mojolicious::Sessions::Storable versions through 0.05, distributed on CPAN as Mojolicious-Plugin-SessionStore by author HAYAJO, are confirmed affected. The vulnerable logic resides in lib/Mojolicious/Sessions/Storable.pm at lines 11-15, viewable at https://metacpan.org/release/HAYAJO/Mojolicious-Plugin-SessionStore-0.05/source/lib/Mojolicious/Sessions/Storable.pm#L11-15. No CPE string was provided in the available data. Any Mojolicious web application that uses this plugin for session management and runs a version of Mojolicious prior to 9.46 falls within the affected scope.
Remediation (AI-generated)
Apply the CPAN Security Group patch available at https://security.metacpan.org/patches/M/Mojolicious-Plugin-SessionStore/0.05/CVE-2026-9692-r1.patch, which requires upgrading Mojolicious to version 9.46 or later to gain access to a cryptographically secure random source. Until the patch is applied, implement a custom session ID generator that uses a cryptographically secure PRNG such as Crypt::URandom or reading directly from /dev/urandom, overriding the module's default generator - this eliminates the dependency on rand() and epoch-based seeding without requiring a Mojolicious upgrade. As supplementary controls, enforce short session token lifetimes to reduce the hijacking window, and consider binding sessions to the client IP address or TLS client identity to raise the bar for replay. Refer to the MetaCPAN security guide at https://security.metacpan.org/docs/guides/random-data-for-security.html for Perl-specific secure randomness guidance. No independently confirmed fixed release version beyond the patch reference is available in the current data.
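The following Perl snippet is an added illustration, not code from the advisory or from the module itself: it places the predictable generator pattern described above beside a replacement that draws session IDs from the OS CSPRNG via Crypt::URandom, and adds a sanity check on the issued token. The attribute name `sid_generator` used in the wiring comment is an assumption about the module's API; verify it against the cited source lines before relying on it.

```perl
#!/usr/bin/env perl
use strict;
use warnings;
use Digest::SHA   qw(sha1_hex);
use Crypt::URandom qw(urandom);

# The predictable pattern the advisory describes: SHA-1 over rand(), the
# stringified address of an anonymous hashref, the PID and the epoch time.
# SHA-1 only transforms these inputs; it adds no entropy. Shown for contrast.
sub weak_session_id {
    my $heap = {};    # stringifies as HASH(0x...), the "heap address" input
    return sha1_hex( rand() . "$heap" . $$ . time );
}

# Hardened replacement: 32 bytes from the OS CSPRNG (/dev/urandom or the
# platform equivalent), hex-encoded so the ID is a plain 64-char ASCII token.
sub secure_session_id {
    return unpack 'H*', urandom(32);
}

# Defence-in-depth check before a generated value is accepted as a session ID:
# fixed length, hex-only, and not a value this process has already issued.
my %seen;
sub looks_sane {
    my ($sid) = @_;
    return 0 unless defined $sid && $sid =~ /\A[0-9a-f]{64}\z/;
    return 0 if $seen{$sid}++;
    return 1;
}

# Wiring it in (assumed API, not verified here): Mojolicious::Sessions::Storable
# keeps its generator in a code-ref attribute; the name 'sid_generator' is an
# assumption, check the module source at the lines the advisory cites.
#
#   my $sessions = Mojolicious::Sessions::Storable->new;
#   $sessions->sid_generator(\&secure_session_id);   # assumed attribute name
#   $app->sessions($sessions);

for ( 1 .. 3 ) {
    my $sid = secure_session_id();
    printf "%s %s\n", looks_sane($sid) ? 'ok ' : 'BAD', $sid;
}
```

Run it twice in the same process to see the duplicate check reject a replayed ID; compare the output of `weak_session_id()` across two back-to-back runs on a single-worker server to see how little of its input actually changes.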
Vendor status: SUSE (severity: Critical)