Upstream information
Description
Plack::Middleware::Session::Cookie versions through 0.21 for Perl allows remote code execution.Plack::Middleware::Session::Cookie versions through 0.21 has a security vulnerability where it allows an attacker to execute arbitrary code on the server during deserialization of the cookie data, when there is no secret used to sign the cookie.
SUSE information
Overall state of this security issue: Does not affect SUSE products
This issue is currently rated as having moderate severity.
SUSE Bugzilla entry: 1260678 [NEW] No SUSE Security Announcements cross referenced.SUSE Timeline for this CVE
CVE page created: Thu Mar 26 05:00:03 2026CVE page last modified: Thu Mar 26 13:27:24 2026