CVE-2014-125112
CRITICAL9.8EPSS 0.14%Published: 3/26/2026Modified: 4/28/2026
Also known as:DEBIAN-CVE-2014-125112
Description
Plack::Middleware::Session::Cookie versions through 0.21 for Perl allows remote code execution. Plack::Middleware::Session::Cookie versions through 0.21 has a security vulnerability where it allows an attacker to execute arbitrary code on the server during deserialization of the cookie data, when there is no secret used to sign the cookie.
Affected packages (1)
- Debian/libplack-middleware-session-perlfrom 0, < 0.24-1
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | CRITICAL9.8 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |